-
Someone reported anonymously:
### Website URL
https://book.hacktricks.xyz
### What browser are you using?
Edge 115
### Version
1.1.1
### Notes
-
Hello,
Hope all is well?
A great idea from a security-wise perspective is to change the RabbitMQ default username and password located in:
docker-compose.yml
See the following code:
```
ve…
```
-
Hi Team,
I was reviewing the section on "Deep links / URL schemes" at https://book.hacktricks.xyz/mobile-pentesting/android-app-pentesting/android-applications-basics and noticed a potential discre…
-
### OSCP-CheatSheet
https://notchxor.github.io/oscp-notes/2-web/LFI-RFI/
https://github.com/WDavid404/OSCP-CheatSheet
https://github.com/saisathvik1/OSCP-Cheatsheet
### wadcoms
https://wadcoms.…
-
@carlospolop, in order to increase the ease of workflow while pen-testing/CTF-ing, I put together a platform to host "basic-information" and "enumeration" scans (as annotated by this book). My thought…
-
Why is this written in Spanish in the English Version of the text (all other text is in English)? Can I modify it?
Also, I would like to format all of the Nmap pages since I have been formally…
-
CRS is currently not detecting XSLT server-side injection.
https://book.hacktricks.xyz/pentesting-web/xslt-server-side-injection-extensible-stylesheet-language-transformations
Are there any plans t…
-
Keypoint:
- 9000/tcp port RCE [hacktricks](https://book.hacktricks.xyz/network-services-pentesting/9000-pentesting-fastcgi) and it provides an [exploit py file](https://gist.github.com/phith0n/9615e2…
-
https://book.hacktricks.xyz/linux-unix/privilege-escalation#doas
Paths:
* /etc/doas.conf
* /usr/local/etc/doas.conf