Getting a foothold: An attack plan

Introduction

Now that you have seen some of the enumeration process, it’s time to introduce a plan of attack. Seeing these issues in isolation is useful, and I can’t give a general attack plan that will work in every setting, but you usually follow a very similar strategy. It all comes down to enumeration, enumeration, and more enumeration. You will notice I keep talking about HTTP, but also check HTTPS and any web app not running on the default ports (80, 443). Anything can reside on non-default ports but it seems like OffSec likes…

Thexssrat
