all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

Multiple web-apps attacks

Add to bookmarks
June 8, 2023, 9:44 a.m. | /u/BeuTenalach

cybersecurity www.reddit.com

Sec analyst here, recently noticed multiple attempts on our external facing apps including sub paths for directory traversal as


/adfs/ls/


/BACKUP.go.old


/.inc.old


/COPY.py.bak


/backup.go.old

/config\_2.old


/copy.php.bak


/config.json.bak


/config.script.bak


/.json.old


/COPY\_of\_1.bak


/COPY.php.old


/site.py.old


/.pl.old


user agent - python-requests/2.28.1

I'm digging into the attack vectors ,all GET methods, seems like more of a reconnaissance attempt from , well Hong Kong obv. Any advice on what to look for specifically? I do see a few status 200 OK and 302 Found which had …

adfs agent analyst apps attack attacks attack vectors backup copy cybersecurity directory directory traversal external inc. json old php python reconnaissance requests script sec web

Visit resource

More from www.reddit.com / cybersecurity

LockBit leader unmasked and sanctioned 4 hours ago | www.reddit.com
cybersecurity leader lockbit unmasked
SOC L3 feels like customer service 4 hours ago | www.reddit.com
alert alerts analyst connections +15
Hey cybersecurity peeps, what have you automated? 5 hours ago | www.reddit.com
automate automated boys can +8
Hackers discover how to reprogram NES Tetris from within the game 6 hours ago | www.reddit.com
cybersecurity discover game hackers +1
How can I break into cybersecurity after my IT audit internship? 14 hours ago | www.reddit.com
audit can cybersecurity don +1
It's RSA week, so get ready for some of the dumbest cybersec shit to be … 17 hours ago | www.reddit.com
business ciso cybersec cybersecurity +6
China hacked Ministry of Defence, Sky News learns 19 hours ago | www.reddit.com
china cybersecurity defence hacked +2
New-ish tools that are all the rage? 21 hours ago | www.reddit.com
cybersecurity free google home +6
Ring agrees to pay $5.6 million after cameras were used to spy on customers | … 1 day ago | www.reddit.com
cameras customers cybersecurity malwarebytes +3

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

Product Regulatory Compliance Specialist

@ Avery Dennison | Oegstgeest, Netherlands
View on infosec-jobs.com

Cyber Security Analyst

@ FinClear | Melbourne, Australia
View on infosec-jobs.com

Senior Application Security Manager, United States-(Virtual)

@ Stanley Black & Decker | New Britain CT USA - 1000 Stanley Dr
View on infosec-jobs.com

Vice President - Information Security Management - FedRAMP

@ JPMorgan Chase & Co. | Chicago, IL, United States
View on infosec-jobs.com

Vice President, Threat Intelligence & AI

@ Arctic Wolf | Remote - Minnesota
View on infosec-jobs.com

Cybersecurity Analyst

@ Resource Management Concepts, Inc. | Dahlgren, Virginia, United States
View on infosec-jobs.com
View more jobs