Pentest the Support Ops platform to exploit vulnerabilities and achieve RCE.对运维支持平台进行渗透测试,挖掘漏洞并实现远程代码执行(RCE)。 1 Support Challenge 运维支持挑战 A new internal Support Operations Plat…
Enumerate and identify misconfigurations across Apache, Nginx, Node.js, and Python HTTP Server.枚举并识别Apache、Nginx、Node.js 与 Python 内置 HTTP 服务器的各类错误配置。 1 Introduction 简介 During …
Infiltrate Recruit's new portal. Map the site, hunt for flaws, and gain unauthorised access.渗透 Recruit 的新门户系统。 摸清站点结构,寻找安全漏洞,并获取未授权的访问权限。 1 Recruit Challenge - Recruit 挑战背景 Re…
Learn to build targeted wordlists using OSINT and apply them in penetration testing.学习如何使用开源情报构建有针对性的字典列表,并将其应用于渗透测试。 1 Introduction 引言 This room will guide you through the fu…
Learn how to use Nmap to discover live hosts using ARP scan, ICMP scan, and TCP/UDP ping scan.学习如何使用 Nmap 通过 ARP 扫描、ICMP 扫描以及 TCP/UDP Ping 扫描来发现活动主机。 1 Introduction 引言 Nmap, s…
Learn about HTTP Request Smuggling and its different techniques.了解 HTTP 请求走私及其不同技术。 1 Introduction 简介 1.1 Introduction 引言 HTTP Request Smuggling is a vulnerability that arises…
Learn about web applications and explore some of their common security issues.学习关于网络应用程序,并探索它们的一些常见安全问题。 1 Introduction 引言 Every one of us uses different programs on our compu…
Learn how to use Extensions to broaden the functionality of Burp Suite.学习如何使用扩展来拓宽 Burp Suite 的功能。 1 Introduction 简介 Welcome to the Burp Suite Extensions room!欢迎来到 Burp Suite …
Take a dive into some of Burp Suite's lesser-known modules.深入了解 Burp Suite 的一些鲜为人知的模块。 1 Introduction 引言 Welcome to the Burp Suite Other Modules room!欢迎来到 Burp Suite 其他模块单元! I…
Learn how to use Intruder to automate requests in Burp Suite.学习如何在 Burp Suite 中使用 Intruder 来自动化请求。 1 Introduction 引言 In this room, we will explore Burp Suite's Intruder module…