The latest articles on DEV Community by lucap123 (@lucap123). https://dev.to/lucap123 https://media2.dev.to/dynamic/image/width=90,height=90,fit=cover,gravity=auto,format=auto/https:%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Fuser%2Fprofile_image%2F3922193%2F7e3e1581-eecc-40b7-b8cf-565e532ecbe9.png https://dev.to/lucap123 en lucap123 Sat, 09 May 2026 17:05:12 +0000 https://dev.to/lucap123/i-built-a-cli-session-manager-for-web-hacking-im-tired-of-copy-pasting-auth-tokens-50-times-a-day-4ne4 https://dev.to/lucap123/i-built-a-cli-session-manager-for-web-hacking-im-tired-of-copy-pasting-auth-tokens-50-times-a-day-4ne4 <p>Every pentest I do the same thing: copy the same Authorization header <br> into curl, then ffuf, then nuclei. Token refreshes? Update everything. <br> Two targets at once? Constant confusion.</p> <p>So I built scope, a lightweight CLI tool that remembers your session <br> (base URL, headers, proxy) and injects it automatically into whatever <br> tool you run.</p> <p>scope new target --url <a href="https://api.target.com" rel="noopener noreferrer">https://api.target.com</a><br> scope set header "Authorization: Bearer eyJ..."<br> scope use target</p> <p>scope curl /users # headers auto-injected<br> scope ffuf -w words.txt -u /FUZZ<br> scope nuclei -t exposures/</p> <p>No GUI, no account, no cloud. Single binary, sessions stored as plain <br> JSON in ~/.scope/</p> <p>GitHub: <a href="https://github.com/lucap123/Scope" rel="noopener noreferrer">https://github.com/lucap123/Scope</a></p> cli security showdev tooling