Activity for Steve Pinkham
-
Steve Pinkham posted a comment on ticket #81
That seems to be part of a paid course by getmimo.com, not sure randos have permission to attempt to hack it.
-
From the Getting Started guide on the desktop: "If you wish to make changes or update the system, the username and password are both dojo. There is no root user, if you need to do something as root, use sudo and the dojo password"
-
Add local DOM XSS example (not linked to yet)
-
Improve DOM XSS demo
-
Update burp free
-
Update mutillidae
-
Burp 1.7.30
-
Fix burp launcher for free -> community rename
-
FF profile for 57
-
Add sideex (beta selenium IDE)
-
Dojo 3.3 background
-
remove firefox hold
-
Add MM3 config file in ~/tools
-
Update changes for 3.2
-
Upgrade ZAP
-
Burp free to 1.7.29
-
Not reproducable
-
Insecure web app admin login broken
-
Unintended Firefox updates
-
FF locked at current version for now, and pop under for clean firefox disabled.
-
64 bit as of 3.2
-
Move to 64 bit
-
Give burp 512MB max
-
Switch to node.js LTS
-
Set browser.disableResetPrompt to stop FF reset
-
Cannot reproduce, logging in as admin shows extra admin functions for me. Can you give me more detailed info, like steps to reproduce, expected result, actual result?
-
Hold firefox package for now
-
Fix arachni install on x64
-
I'm guessing we've not had this problem before as we're always pushing a new version of dojo for most training sessions: Firefox only offers those pop unders after 30 days of non-use.
-
Do you know what version they were running? If they were running 56 (which is the latest version in ubuntu repos and latest firefox release) the extension should load fine, but installing it does not add the icon to the firefox UI anywhere, you have to do that manually. If they were running 57 beta somehow, the extension site won't even let them download the extension. My guess is it had nothing to do wih firefox version itself, but that they selected the little pop-under on Firefox startup that...
-
Do you know what version they were running? If they were running 56 (which is the latest version in ubuntu repos and latest firefox release) the extension should load fine, but installing it does not add the icon to the firefox UI anywhere, you have to do that manually. If they were running 57 beta somehow, the extension site won't even let them download the extension. My guess is it had nothing to do wih firefox version itself, but that they selected the little pop-under on Firefox startup that...
-
Unintended Firefox updates
-
Move to 64 bit
-
Move terminal emulator shortcut
-
Expand Burp memory
-
Upgraded to 256
-
Upgrade burp memory to 256MB
-
More options: https://github.com/openstack/bandit https://github.com/SonarSource/sonarqube https://github.com/presidentbeef/brakeman
-
Fix Getting Started html
-
Make some updates to getting started doc
-
Expand Burp memory
-
Add 3.1 changes
-
Fix some release checklist details
-
arachni update
-
Fix webgoat bookmark
-
Fix firefox bookmarks
-
Fixes for new firefox bookmark storage location
-
Fix doc links to work in FF
-
Remove firebug, add c4c, change home & new tab URL
-
Add firefox changing script
-
Remove firefox saved profile in cleanup script
-
Add note on which zap plugins are updates
-
Update firefox bookmarks for new target names
-
Fix info for disabling screen lock and screensaver
-
Update zap plugins
-
Fix hosts file for new target names
-
Fix juiceshop launcher address
-
Seems mostly up to date. Compare to burp plugins like software-version-reporter and any similar zap plugins before adding.
-
Add whatweb - fingerprinting tool in ruby
-
Add blind elephant - web fingerprinter written in python
-
Unmaintained.
-
Add pcap in metasploit install
-
pcap seems to have been added.
-
Evaluate other targets
-
Either added or rejected. Closing.
-
Make customization easier
-
Skip login screen now, and firefox home page works. This is so old I don't even remember the issue.
-
Change ratproxy default port in our installed version
-
ratproxy removed
-
Gruyere missing resetbutton feature
-
moved to its own hostname
-
Gruyere launches to 127.0.0.1 instead of localhost
-
Yes, only in their install, respins the target in their cloud.
-
Gruyere missing resetbutton feature
-
Missing browser bookmark for new target (Juice Shop)
-
Was actually in build version already, must have added after final build.
-
Update dojo web address to https
-
Remove ratproxy, davtest & skavenger
-
Change to per target names
-
Gruyere launches to 127.0.0.1 instead of localhost
-
Move terminal emulator shortcut
-
It's not that burpsuite doesn't display it, firefox skips proxies for 127.0.0.1. We can change that config setting.
-
Add grepbugs
-
Add graudit
-
We settled on ZIM for now.
-
consider dradis for note taking
-
Update firefox profile for current targets
-
Remove w3af target
-
Remove sqli-labs
-
Remove more of sqli-labs
-
consider WATOBO for MITM tool
-
Watobo has been added and removed again as some of it's dependencies are not maintained, and burp and zap have taken its place.
-
limit attack surface
-
Added ufw firewall rules to limit access to localhost for all services. Other layers: Some services still listen on localhost only, and we still ship a VM with NAT by default.
-
Add Juice shop to menus
-
Dojo 3.1 background
1 >
