Getting a foothold: An attack plan

Introduction

Now that you have seen some of the enumeration processes, it’s time to introduce a plan of attack. Seeing these issues in isolation is useful, of course, and I can’t give a general attack plan that will work in every setting, but in general you follow a very similar strategy. It all comes down to enumeration, enumeration, and more enumeration. You will notice I keep talking about HTTP, but also check HTTPS and any web app not running on the default ports (80, 443). Anything can reside on non-default ports but it seems like offsec likes…

Thexssrat
