During a penetration test, you could lucky enough to find a RCE vulnerability: in this case, the next step should be to obtain an interactive shell.
Tag: penetration testing
SQLiv is a Python-based scanning tool that uses Google, Bing or Yahoo for targetted scanning, focused on reveal pages with SQL Injection vulnerabilities. It uses known dorks in order to find vulnerable URLs. Features multiple domain scanning with SQL injection dork by Bing, Google, or Yahoo targetted scanning by providing specific domain (with crawling) reverse […]
Search for sensitive data in GitHub repositories Developers generally like to share their code, and many of them do so by open sourcing it on GitHub. From Wikipedia: GitHub is a web-based Git or version control repository and Internet hosting service. It is mostly used for code. It offers all of the distributed version control […]
…and a python script to rule them all! In early stages of penetration tests you could like to run a port scan on a host without having it originated from your IP address. You can use some online services that allows this kind of scan. YouGetSignal Allow the scanning of a single port Ping.eu Like YouGetSignal, […]