Dependency Confusion attack
Wondering what this kind of attack is? Go through the amazing writeup of this bug, discovered by Alex Birsan: "Dependency Confusion: How I Hacked Into Apple, Microsoft and Dozens of Other Companies. The Story of a Novel Supply Chain Attack" (medium.com). For an explanation in simple, common language, you can browse the link below: https://0xsapra.github.io/website//Exploiting-Dependency-Confusion
Setup BloodHound tool on Windows and enumerate Active Directory Objects
BloodHound is an application used to visualize Active Directory environments. The front end is built on Electron and the back end is a Neo4j database; the data it uses is pulled from a series of data collectors, also referred to as ingestors, which come in PowerShell and C# flavours. It identifies different attack…
Inside thoughts
1) Becoming successful is not earning money; share your knowledge and become successful.
2) Never forget your roots, wherever you are.
3) A good person will not criticise or underestimate another person.
4) Don't strive only for your own success; help your friends too.
5) Don't run after money; you will not take a single penny with you when your time comes.
6) You should not boast about yourself; it should come from others. If you do good deeds, your name will spread through word of mouth.
Django room in TryHackMe
https://tryhackme.com/room/django (it's a free room). First of all, understand the basics of how to add ALLOWED_HOSTS in settings.py, and read the whole introduction of this room to understand how the app works. After reading the introduction, creating a website and concluding, deploy the server. Connect to…
SharePoint Website Information disclosure and can make it to RCE (unfortunately I couldn't)
This is the bug I found in a VDP program, and they really don't have time to reply back, I guess, so posting the vulnerability details will be useful. First, if you are taking on any target, keep in mind that you have to do content discovery; you can use tools…
Stored Cross-Site Scripting (Non-Privileged User to Anyone)
Vulnerability Category: A7 - Cross-Site Scripting. Vulnerability Description: A Stored Cross-Site Scripting (XSS) vulnerability occurs when a web application sends stored strings that were provided by an attacker to a victim's browser in such a way that the browser executes part of the string as code. The string contains malicious data…