-
# 0xffsec Handbook: The Pentester's Guide | 0xffsec Handbook
A Living Reference Book for Web Application Security and Pentest/CTF
[http://localhost:1313/](http://localhost:1313/)
-
Hello,
It's me again.
I'm trying to get my hands on a new design, and I need to create a "Team" list, comprising a name and an internal identifier (such as `PENTESTER_0001`).
As of right now, we wi…
-
Hello, from version 3.2.7 I got `no implicit conversion of Hash into String` in the rack-attack gem here
`Rack::Attack::Fail2Ban.filter("pentesters-#{req.ip}", maxretry: 3, findtime: 10.minutes, bantime:…
-
**Describe the bug**
A pentester has hit the wporg-patterns API in such a way that the pattern directory generates an invalid ElasticSearch request, causing a 400 Bad Request warning.
I can't tell…
dd32 updated
3 months ago
-
Please view the [books list page](https://github.com/nixawk/pentest-wiki/blob/master/Books/README.md). If you want to share a good book, please paste the following information here.
-
Would it be possible to add partitioning on audits?
In detail:
Many companies have different poles or different clients and some audits are confidential. The main issue with pwndoc is that anyone…
-
On his [blog](https://blog.orange.tw/2024/08/confusion-attacks-en.html), the well-known pentester Orange Tsai shows a new class of attacks on modular webservers. His target was Apache httpd and he qui…
-
hi
-
It would be nice to receive some email notifications from SysReptor.
This ticket is for brainstorming what could trigger an email.
* When a project was archived (encrypted) to remind pentesters …
-
There are other publicly known attack methods in Kubernetes that would be great to see documented and automated.
Cred Access:
* Call token request `POST /api/v1/namespaces/$NS/serviceaccounts/$SA/to…