Blog

AI_Cybersecurity

Offensive Cybersecurity Insights: The Spring Edition

Hello world! Welcome to another Hackcraft Newsletter crafted by our researchers. If we had to describe the past two months in one phrase: Cybersecurity chaos, accelerated by AI. Let’s dive into the stories that stood out and what they mean for you, plus blogs worth your time, and a few tools we think deserve your […]

race conditions

Race Conditions and Where to Find Them

Research and analysis by Themis Zoumpoulakis, Hackcraft’s Senior Cybersecurity Tester. What if the most dangerous bug in your application isn't a bug at all? Every function works as expected, every test passes correctly, access controls work as intended, and parameterized database queries return the right results. Yet, two requests arriving microseconds apart cause the system […]

Burp Suite

Token Auto-Refresher: Solving Auth Failures in Burp Suite

Intro Modern web application security testing increasingly relies on automated scanning tools to identify vulnerabilities efficiently. However, as a team, we consistently faced a persistent challenge with bearer token expiration during automated scans. When tokens expired mid-scan, our automated tools encountered authentication failures, resulting in incomplete coverage and requiring manual intervention to update tokens and […]