HackTheBox Bank Walkthrough

by Vince

I've been poking around HTB lately. As I was Googling things and looking at the different boxes in the retired section, I saw a mention of Bank. I think I started Bank at some point because the first couple of steps with DNS seemed vaguely familiar, but sometimes I get pulled away from play time and I don't finish what I started. So anyway, I had a free minute and started over again yesterday, and I'm glad I found my way back because it was fun. A little unrealistic, as these things go sometimes, but not annoyingly so.

JoomlaVS

by Vince

I stumbled upon this tool while following a link to a website that performs passive scans on various content management systems.  Instead of keeping their scanning technique a mystery, they list a bunch of open source tools that they leverage in parallel.  In addition to Joomscan which is something I already use, they mentioned JoomlaVS. 

The description states:  "JoomlaVS is a Ruby application that can help automate assessing how vulnerable a Joomla installation is to exploitation. It supports basic finger printing and can scan for vulnerabilities in components, modules and templates as well as vulnerabilities that exist within Joomla itself."

EmailGen Email Harvester

by Vince

EmailGen (found here) is an email harvester that was based off of another tool but simplified. Those are my words, not those of the maker. Prior to using this tool, you could set up a free Hunter.io account and use the API, but that is not necessary.
