In this article I am going to detail a non-exhaustive overview of bypassing WAFs by identifying a misconfigured underlying server. I will cover a few techniques that will include CloudFlare unmasking and identifying an AWS WAF typically deployed alongside EC2 instances. I
In this article I am going to detail a non-exhaustive overview of bypassing WAFs by identifying a misconfigured underlying server. I will cover a few techniques that will include CloudFlare unmasking and identifying
If you're a penetration tester, you'll know the beauty of grabbing hashes and how easy at times it can be. Perhaps you already know all of the techniques in this article, perhaps you
Hey, hackers! I noticed that a lot of people enjoyed my older OSINT articles (on our old company website; we were formerly Sequoia Cyber Solutions), even to the point that the article got
Howdy Haxors! That’s right, I am back with another banger of an article. Ready? If you read my last article on OSINT, you’ll know a little bit on how to find
To kick off this series on offensive security techniques, I am going to begin with what I consider to be the most important aspects of pentesting. Passive Recon and OSINT. Now, do not
Your enumeration strategy is going to be largely dependent on your scope. Scope defines a lot, and may be a crucial factor in the success of your engagement. If your scope is an