Tuesday, 21 March 2023

SynAck Red Team Asssessment - Intro

Application

  • Several web applications
    • Need to complete all
  • Three infrastructure hosts
    • Need to complete all

Information

  • Requires web pentest techniques
    • Requires information gathering
    • Fuzzing host files
    • Bypass specific tweak flawed
    • Knowledge of exploiting flaws
  • Requires host pentest techniques
    • Tools for port scans
    • Scans for services expose
    • Exploiting vulnerabilities
    • Privilege escalate issues found

Exploit

  • OWASP Top 10 knowledge
  • Kali Linux tools usage
    • Nikto
    • Dirb
    • Metasploit
    • Burpsuite Free Edition
    • NMap

No comments:

Post a Comment

Friday Fun Pentest Series - 38 - Lack of Password Change Functionality - seotoasterv2.5.0

Description - It was noted that the application lacked password change functionality Lack of Password Change Functionality #1 Steps to Repro...