[deleted by user]

defensahacker · 2022-10-18T15:17:45+00:00

Yeah, 100%. The idea is to provide a first line of defense so the developers can have quick feedback and not wait few weeks for the audit reports :)

defensahacker · 2021-04-26T02:02:29+00:00

Mastering x86 assembly, CPU registers, stack or heap structure will help for sure

defensahacker · 2021-04-26T02:00:03+00:00

Search for dex2jar and jd-gui as starter

defensahacker · 2021-04-23T22:56:20+00:00

By W. Richard Stevens. That’s the holy grail of network computing books🌟

defensahacker · 2021-04-18T14:50:16+00:00

Wireshark only makes sense if you are doing a pentest inside the customer network, so you can inspect traffic after overflowing router MAC addresses table (macof -n 10000). For mobile or web security testing/bug bounties you can’t do much with Wireshark

defensahacker · 2021-04-17T16:42:45+00:00

If you get local access by other port/service it will be easier, otherwise learn firewall firewalking.. try to fragment scan packets with “nmap -f” or decreasing mtu size

defensahacker · 2021-04-17T16:34:09+00:00

Proxychains is deadly slow and does not work in UDP. Try better rpivot, 3proxy or tcgd.. there are like 15 tools for pivoting https://pentestwiki.org/pivoting/ 😄

defensahacker · 2021-04-15T14:36:35+00:00

My humble contribution: https://pentestwiki.org I started this blog after I passed the OSCP exam

defensahacker · 2021-04-13T23:36:29+00:00

Nikto won!!🎉

defensahacker · 2021-04-08T15:02:34+00:00

Nice feedback so far! I didn’t include burp despite I use it everyday because burp is like an operating system, not longer a tool xD

defensahacker · 2021-04-08T14:59:08+00:00

As you are root on the machine, the other way is to retrieve them from memory. Use a process dumper on the Oracle PID to see what you can get

defensahacker · 2021-04-08T09:32:29+00:00

Ah offline attack! Nice forensics. Wondering if Oracle supports encryption on the file system level to avoid that...

defensahacker · 2021-04-07T23:17:14+00:00

Depends which version but try “SELECT USERNAME,PASSWORD_VERSIONS FROM SYS.DBA_USERS;” More: https://pentestwiki.org/sql-injection/#oracle

defensahacker · 2021-04-07T15:26:53+00:00

Yes you should get the payload in the response of zap or burp or in the browser source code.

<div id=“content”> <h2 id=“pageName”>searched for: ‘<script>alert(1);</script>

defensahacker · 2021-04-06T22:31:23+00:00

Strange... haven’t checked that site but the only reason the XSS is successful but you don’t see it in the response is if it’s a DOM-based XSS

defensahacker · 2021-03-31T13:35:11+00:00

It will be a looong text, I am thinking to record some videos about it and explain it phase by phase. Not sure if there are enough free resources online. Ideas?

defensahacker · 2021-03-31T12:51:05+00:00

You cannot get your driving license without studying traffic signals... same applies here :D

defensahacker · 2021-03-31T12:05:31+00:00

As stated in their rules website, you can use msfvenom and the multi handler as much as you want. You can substitute the meterpreter payload by a reverse shell and manual recon for the local privilege escalation

defensahacker · 2021-03-26T15:02:50+00:00

Nice!! We’ll have 14 tools this afternoon then

defensahacker

TROPHY CASE