HackTheBox - Awkward

00:00 - Introduction
01:00 - Start of nmap
02:00 - Taking a look at the web page, finding users on the site, and using FFUF to VHost Enumeration due to talking about a store
04:25 - Fingerprinting the websites, dev looks to be PHP and the main page appears to be Vue
07:55 - Exploring the vue app in Firefox Dev Tools, discovering some routes in the webpack which lead to an API
11:50 - An JWT error message is …

api app dev enumeration fingerprinting firefox hackthebox introduction jwt main nmap php start store talking the web tools vue web webpack websites