It would be great if we add solution to each section that protects your code/server.
For example a PHP script that sanitises request strings against all attacks

Hi All,

So I'm trying to use hydra to bruteforce a login on a system that uses custom http headers to receive the username and password. Hydra does not seem to be doing substitution of ^USER^ and ^PASS^ when used as HTTP headers. If I issue issuing a call to hydra like this:

hydra "http-post://0.0.0.0:8000/:H=username\:^USER^:H=password\:^PASS^" -l admin -p admin

I see the following r

Is your feature request related to a problem? Please describe.
Monkey Island should listen to port 80 and 443 (if not taken) and redirect clients to the correct Island port.

Describe alternatives you've considered
We don't want to move the Island to port 443 because that loses us a ATT&CK technique for uncommon port, but many users accidentally browse to default http/https.

Multiples wiki issues.

Typos

• https://github.com/infobyte/faraday/wiki/Executive-Report#using-markdown-on-a-report: -lenguage +language

Bad links

• https://github.com/infobyte/faraday/wiki/Executive-Report#requirements: https://github.com/infobyte/faraday/wiki/first-steps, the nedpoint first-steps doesn't exist anymore.

Images

• https://github.com/infob

Many users of Cameradar are not english-speakers but Chinese and Russian speakers. I saw already that @wxylssy started translating the README to Simplified Chinese on his fork.

It would be nice to have official translations to help new users that are not english-speakers understand the project, so @wxylssy if you'd like to contribute you are more than wel

I would like to see documentation for using Astra with most popular authentication/token methods. So much work but just one page of documentation. Please update this so it gets more widely used and more feedback on the product this way. Thanks

Calling all pentesters and/or people like myself who find infosec pretty neat!

Do you have any cool Shodan.io queries that you've come across — cool, funny, interesting, scary, facepalm-inducing, or otherwise? Some examples of IOT gems we've already found are electronic billboards with banks advertising free donuts, gas station pumps around the country, X-ray machines, 3D p