all InfoSec news
Hacking into gRPC-Web
Manipulating gRPC Web Payloads and Finding Hidden Services
How Did It Start?
It started when I faced a web application using gRPC-Web and I could not manipulate the requests in Burp Suite. I searched a lot and there was no good or complete resource for pentesting gRPC-Web, then the research began and I could make a tool and a Burp Suite Extension for manipulating payloads. I also found a hidden gRPC-Web parameter SQLi vulnerability in a travel agency company and …