Hey folks, here we are back again with the most important topic in penetration testing or bug bounty hunting: “Recon” or “Information gathering”.

Content

  1. What’s Recon?
  2. Recon based scope
  3. Simple steps to collect all information in a short time
  4. Recommended tools and automation frameworks
  5. Recommended blogs, streams to follow

What’s Recon?

Before we start…


Hi! Today I will talk about my latest findings in BroadSoft BroadWorks, one of Cisco’s products. I discovered 2 CVEs in it, assigned as

  1. CVE-2021-34785: IDOR leads to privilege escalation “Admin account takeover”
  2. CVE-2021-34786: IDOR leads to deletion of arbitrary admin user accounts

I will not talk about…


Today, I will talk about how to write a simple Python script to automate finding bugs. I will take a sample: “LFI findings”.

Content

  1. Requirements
  2. URLs Prerequisites
  3. Coding
  4. Bonus Options
  5. Thanks

1. Requirements

  1. Wayback URLs with parameters; you can check my simple methodology to learn how to grab them. [Ex. https://example.com?file=ay_value.txt]
  2. Python3 and…


Hey folks! Today we have a new interesting machine from HackTheBox “APT”.

This machine was the first INSANE box I’ve solved, so I consider it one of my favorite machines. Let’s take a look at its info.


Hey folks, today we have one of the HackTheBox machines, “Time”, which is medium level. Let’s take a look at its info.

It’s based on Linux and depends on CVEs for the foothold exploit. Let’s get started…

What we will do?

As usual, we have some steps which we follow to pwn any machine, our steps…


Hey folks, today we have a new easy machine from HTB, “Luanne”. It’s easy level and based on enumeration and custom exploitation, with a few CTF techniques.

What we will do?

As usual, we have some steps which we follow to pwn any machine, our steps are:

  1. Recon / Information gathering
  2. Scanning


Hey folks, here’s the walkthrough of the crossfit machine from HTB.

You can check my Mind map


Hey friends! Today we have a new machine from HackTheBox “Reel2”.

For personal reasons there’s no writeup for it yet, but you can check my walkthrough in this video.

Stay tuned for the writeup :)


Hey folks, today we have a new machine from Hack The Box, “Passage”, which is a medium box and has new techniques in the privilege escalation part. Let’s take a look at its info.

What we will do?

As usual, we have some steps which we follow to pwn any machine, our steps are:


Hey folks! Today we have a new EASY machine from HackTheBox. Let’s take a look at its info before we get started.

What we will do?

As usual, we have some steps which we follow to pwn any machine, our steps are:

  1. Recon / Information gathering
  2. Scanning
  3. Gaining Access
  4. Maintaining Access
  5. Reporting / Analysis

Eslam Akl

Offensive Security Enthusiast
