Pintu Solanki

Let's practice on OWASP BWA and metasploitable 2 lab ✌️

Cheers to 2024 as a new year! ...




#2024

Happy New Year 2024

🏞️

Incident Response for Common Attack.

Nice sheet for analysts and IRP creators with tips to respond to common attacks. But, bear in mind to:

-Build a team and roles.
- Create a complete IRP with R&R.
- Communication is critical.
- Save the post-mortem for the actual “post.”
- Automation can be the key to success.
- Take it to cloud scenarios.

Thanks for the sheet, Berrin Tok.
   

What XSS Impact and Risk

XSS can have huge implications for a web application and its users. User accounts can be hijacked, credentials could be stolen, sensitive data could be exfiltrated, and lastly, access to your client computers can be obtained.

A port is a virtual point where network connections start and end. Ports are software-based and managed by a computer's operating system. Each port is associated with a specific process or service.

Solving SSRF (server side request foregry) vulnerable labs on PortSwigger academy is my favorite pastime this days. I have plenty of challenges to solve. Great content.

Portswigger

I learned these new topics in this lab 👇👇👇👇

(a) Basic SSRF against the local server

(b) Basic SSRF against another back-end system

(C) SSRF with blacklist-based input filter

(d) SSRF with whitelist-based input filter

(e) SSRF with filter bypass via open redirection vulnerability

🙌 Thanks Cognitive Class

leave your personal advice for good report writing