From a 404 to RCE via SSTI and Stored XSS
How a simple 404 page hid an exploitation chain that led to Stored XSS and RCE via Twig SSTI — fully compromising the infrastructure.
Read post →← All posts
Filtering by tag
#recon
2 posts found.
Large-scale Subdomain Enumeration via ASN
Using Autonomous Systems and port scanning to enumerate subdomains at scale.
Read post →