Pentesting Quick Reference OSCP and Beyond

Web Pentesting

PreviousAttacking Active Directory & NTDS.dit 1 NextSubdomains, directories and Vhost listing

Last updated 4 months ago

Methodology

Adding a null byte

%00
%2500  //after url encoding

Upload restriction bypass

add FF D8 FF DB in hex editor of files or adding GIF89a or GIF87; may also work

hexeditor \\installed in kali