Previse: gobuster find directories, with burpsuite bypass redirect,
Traverxec
Traverxec:
nostromo 1.9.6 – Remote Code Execution
Pikaboo
Pikaboo
Spider
SpiderSSTI(Server-Side Template Injection)
https://github.com/swisskyrepo/PayloadsAlTheThings/tree/master/Server%20Side%20Template%20Injection#jinja2
Tentacle
Tentacle
WPAD stands for Web Proxy Auto-Discovery Protocol.
Homepage: https://github.com/rofl0r/proxychains-ng
CVE-2020-7247
Time
jackson-databind exploitation
https://github.com/FasterXML/jackson-databind
HackTheBox Beginner’s Guide
HackTheBox Beginner’s Guide
Love
Love Windows Voting System 1.0 evil-winrm (winrm 5985,5986)
Shield
wordpress website. with msfconsole upload nc.ex to wordpress uploads. start nc.exe and connect back to attacker’s nc listener.
Vaccine
SQL injection vulnerabilities