Uncategorized

Expanding your scope (Recon automation #2)

After we have gathered subdomains from various sources and by using some cool techniques, we proceed to our next step. Part #1 –A More Advanced Recon Automation #1 (Subdomains) Port scanning Yes I know, I […] Read More

Getting stack traces with limited SSRF (ASP.NET)

TL;DR  Most ASP.NET MVC sites have ‘customErrors’ on ‘RemoteOnly’, since this is default, which returns custom error pages outside of localhost (remote). But while on localhost, it returns the full error information including stack trace, […] Read More

Scroll Up