all InfoSec news
HackTheBox - Derailed
July 22, 2023, 3 p.m. | IppSec
IppSec www.youtube.com
01:00 - Start of nmap
02:50 - Looking at the HTTP Headers, discovering Cross Origin and rails
03:50 - Testing the Clip Notes functionality for SSTI/XSS
06:30 - Using FFUF to fuzz all Clip Notes to see if there's an IDOR Vulnerability
10:30 - Looking at how the site is build, discovering Web Assembly
13:00 - Sending a long string for the username and discovering the data overflows and goes into the Date field
15:50 - Using …
assembly build ffuf fuzz hackthebox headers http idor idor vulnerability nmap origin rails ssti start testing vulnerability web xss
More from www.youtube.com / IppSec
HackTheBox - Analytics
1 month, 1 week ago |
www.youtube.com
HackTheBox - Manager
1 month, 2 weeks ago |
www.youtube.com
HackTheBox - AppSanity
1 month, 3 weeks ago |
www.youtube.com
Jobs in InfoSec / Cybersecurity
Social Engineer For Reverse Engineering Exploit Study
@ Independent study | Remote
Application Security Engineer - Remote Friendly
@ Unit21 | San Francisco,CA; New York City; Remote USA;
Cloud Security Specialist
@ AppsFlyer | Herzliya
Malware Analysis Engineer - Canberra, Australia
@ Apple | Canberra, Australian Capital Territory, Australia
Product CISO
@ Fortinet | Sunnyvale, CA, United States
Manager, Security Engineering
@ Thrive | United States - Remote