st justin :debian: on Nostr: What do you do when you can't find the way in during a pentest? I KNOW there is an ...
What do you do when you can't find the way in during a pentest? I KNOW there is an RCE somehow, I'm just not smart enough to find it.
*cries in n00b*
I've run multiple iterations of nikto, ffuf, wfuzz, sqlmap, nmapAutomator, a variety of NMAP scans, scripted, and manual enumeration techniques. I have a list of vhosts that have been discovered, with at least one that wasn't in DNS. I reviewed source code for apps, and every single CVE and report on potential issues I could find, and still no luck.
Guess I'll take another break and go sit outside for a bit.
#pentest #pentesting #cybersecurity
*cries in n00b*
I've run multiple iterations of nikto, ffuf, wfuzz, sqlmap, nmapAutomator, a variety of NMAP scans, scripted, and manual enumeration techniques. I have a list of vhosts that have been discovered, with at least one that wasn't in DNS. I reviewed source code for apps, and every single CVE and report on potential issues I could find, and still no luck.
Guess I'll take another break and go sit outside for a bit.
#pentest #pentesting #cybersecurity