hacktricks
hacktricks copied to clipboard
HackTricks-wiki
Welcome to the page where you will find each trick/technique/whatever I have learnt in CTFs, real life apps, and reading researches and news.
Documented using beanshooter to enumerate and exploit JMX services running on top of Java RMI.
Hello friend, I was reviewing your profile and I think you are the right person for the help I need. A few days ago I found a vulnerability in a...
https://www.n00py.io/2021/09/resetting-expired-passwords-remotely/
Fixed login brute force script so it doesn't just find one username per starting letter - this royally boned me and I don't want anyone else to feel the pain.
In the Code Review Tools -> JavaScript -> Static Analysis -> Deobfuscate/Unpack section: - https://book.hacktricks.xyz/network-services-pentesting/pentesting-web/code-review-tools#static-analysis I've been maintaining my own more comprehensive list of tools/helpful resources in this gist: -...
**Issue Description:** Hello, I have noticed an error in the command at the following location: https://github.com/carlospolop/hacktricks/tree/master/linux-hardening/privilege-escalation#scriptbinaries-in-path **Error Description:** The `-type` parameter for the `find` command should not be `-f`. The...
Relating [this part of HackTricks](https://book.hacktricks.xyz/pentesting-web/content-security-policy-csp-bypass#unsafe-eval). The bypass shown here doesn't work on either the latest Chrome or Firefox. The reason is for "data URI" to be evaluated, the 'data:' source...
I would like to introduce the IP2Location.io which can be used to detect IP geolocation, data center, ASN and even VPN information. It offers free 30K queries per month. I...
Metadata
Owner
Metadata
Welcome to the page where you will find each trick/technique/whatever I have learnt in CTFs, real life apps, and reading researches and news.