Discovering vulnerable endpoints on API / Websites

Introduction Recently we had to do a security audit on a client’s API. However the documentation was very poor. After using some basic tools such as Zed Attack Proxy or Golismero. The report though kept haunting me for one reason when I was working on the API I realized that the error page had some […]

Read more
Reverse Engineering Game Files – d2i from Dofus

In the previous article talking about d2i I had not mentioned the thought process on how I reversed the file and understood its structure. I thought this could interest a few people. This is the thought process behind this previous article: http://medericburlet.com/dofus-d2i-reverse-engineering/ About d2i files Having done some work in the emulation of the game […]

Read more