all InfoSec news
HackTheBox - Drive
Feb. 17, 2024, 3 p.m. | IppSec
IppSec www.youtube.com
01:00 - Start of nmap
02:30 - [MasterRecon] Examining CSRF Cookie to discover it is likely Django
07:50 - Using FFUF to bruteforce ID's of uploaded files, can discover valid ID's but not view the ID itself
14:00 - Accidentally deleting something important when FUZZING, always be careful of what you are doing with tools
16:45 - Discovering the /block endpoint allows us to view any file, discovering a file with credentials which lets us log into …
bruteforce can cookie csrf discover django doing drive ffuf files fuzzing hackthebox important introduction nmap start valid
More from www.youtube.com / IppSec
Jobs in InfoSec / Cybersecurity
SOC 2 Manager, Audit and Certification
@ Deloitte | US and CA Multiple Locations
Cybersecurity Engineer
@ Booz Allen Hamilton | USA, VA, Arlington (1550 Crystal Dr Suite 300) non-client
Invoice Compliance Reviewer
@ AC Disaster Consulting | Fort Myers, Florida, United States - Remote
Technical Program Manager II - Compliance
@ Microsoft | Redmond, Washington, United States
Head of U.S. Threat Intelligence / Senior Manager for Threat Intelligence
@ Moonshot | Washington, District of Columbia, United States
Customer Engineer, Security, Public Sector
@ Google | Virginia, USA; Illinois, USA