all InfoSec news
HackTheBox - Vessel
March 25, 2023, 3:04 p.m. | IppSec
IppSec www.youtube.com
00:50 - Start of nmap
03:00 - Running gobuster and showing the importance of using multiple wordlists.
05:00 - Attempting to register an account, which shows the endpoint /api/register but /api/ returns a 404
06:10 - Showing that raft-small-words wordlist won't discover .git but commons.txt will because commons has .git/HEAD
08:25 - Running Git-Dumper to extract the source then looking at …
account api box code commons cve discover endpoint exploit extract git git-dumper gobuster hackthebox head introduction nmap register start talking txt vulnerable wordlist wordlists
More from www.youtube.com / IppSec
HackTheBox - Analytics
3 weeks, 5 days ago |
www.youtube.com
HackTheBox - AppSanity
1 month, 1 week ago |
www.youtube.com
Jobs in InfoSec / Cybersecurity
SOC 2 Manager, Audit and Certification
@ Deloitte | US and CA Multiple Locations
Information Security Engineers
@ D. E. Shaw Research | New York City
Security Engineer, Incident Response
@ Databricks | Remote - Netherlands
Associate Vulnerability Engineer - Mid-Atlantic region (Part-Time)
@ GuidePoint Security LLC | Remote in VA, MD, PA, NC, DE, NJ, or DC
Data Security Architect
@ Accenture Federal Services | Washington, DC
Identity Security Administrator
@ SailPoint | Pune, India