all InfoSec news
HackTheBox - Topology
Nov. 4, 2023, 3 p.m. | IppSec
IppSec www.youtube.com
01:00 - Start of nmap
02:30 - Discovering Discovering the LaTeX Equation Generator Page
04:10 - Attempting to get code execution, discovering a WAF. Building a wordlist and using FFUF to identify potentially dangerous commands that aren't blocked
07:45 - Discovering lstinputlisting is not blocked, which will let us read files
10:45 - Using FFUF to bruteforce subdomains, show the automatic calibration, so you don't need to manually specify filters
13:25 - Looking for the Apache Config …
blocked building code code execution equation ffuf files generator hackthebox identify introduction nmap page start waf wordlist
More from www.youtube.com / IppSec
Jobs in InfoSec / Cybersecurity
SOC 2 Manager, Audit and Certification
@ Deloitte | US and CA Multiple Locations
Senior Security Researcher, SIEM
@ Huntress | Remote Canada
Senior Application Security Engineer
@ Revinate | San Francisco Bay Area
Cyber Security Manager
@ American Express Global Business Travel | United States - New York - Virtual Location
Incident Responder Intern
@ Bentley Systems | Remote, PA, US
SC2024-003533 Senior Online Vulnerability Assessment Analyst (CTS) - THU 9 May
@ EMW, Inc. | Mons, Wallonia, Belgium