SaturdayMP Show #25: TPS Report Uploader CFT Walkthrough (Vulnerable Blazor Application)

https://youtu.be/uBnua-JZrec

Happy Holidays!

In this episode I do a walkthrough of the TPS Report Uploader capture the flag (CTF) I created.

Question you want answered in a future video? Pair on a problem? Constructive feedback? DM me or email [email protected].

#blazor #burpsuite #cybersecurity #gobuster #ctf #saturdaymp #saturdaympshow

Hi all 👋
The journey continues. Yesterday fun with #gobuster, today fun with #WPScan. There are really a lot of good tools out there. I've already gotten to know a few, and the practical exercises are good too. What I'm somehow missing, though, are optional extra practical exercises tailored to the chapter. 🤔
Oh well... you can't have everything.

Tomorrow I'll take a closer look at #nikoto. 👀

[32🔥] #tryhackme

Hi 👋
Actually, I'm currently working through the #Web #WebFundamentals path and have already completed 95% of it.

But there is a module there that requires/recommends other modules. Fine, so now there's a small "detour". In return, I had fun with #gobuster today 😀

[31🔥] #tryhackme

I just solved the "Web Enumeration" room on @RealTryHackMe to work on my #Gobuster, #WPScan and #Nikto skills.

Also started taking notes in markdown language with #joplin. I think I will stick with that for the sake of organized notes.

We run an OpenCollective fundraiser for #Gobuster, where all proceeds go to various charities once we hit a certain financial threshold (usually around USD $500). We've just donated the most recent batch of funds to "Kids Helpline" (https://kids-helpline-tax-appeal-2023.raisely.com) here in Australia, run by Yourtown (https://yourtown.com.au/donate).

For transparency ...
Donation expense is here: https://opencollective.com/gobuster/expenses/142097

Support the kiddos!

Thanks to everyone who donated. You're frickin' awesome.

Does anyone know how I could #fuzzy test #api endpoints of URLs with unknown depth of the API endpoint?

For example I have:
- example.com/api/thing
- example.com/api/internal/thing
- example.com/api/v1/doc/thing

The known constant is the domain and the first /api/ URI. Everything else should puzzle itself together.

I have now used #gobuster and the SecLists, but I'm somehow missing something.

I’m making a thing. If you’ve ever wanted to brute force URLs on #iOS, I have an app beta for you.

https://testflight.apple.com/join/9UGqTaIZ

I’m going for ease of use, robust tagging support, and native feel. Lemme know what you think.

#infosec #dirb #gobuster #dirbuster #pentesting

Join the Fuzzi - Website Enumerator beta

Available on iOS

Testing video upload/sharing. This is my in-development #iOS HTTP enumerator (think #gobuster). Written in #Swift #SwiftUI using #CoreData. #infosec