Web Pentesting

Methodology

Adding a null byte

%00
%2500  //after url encoding

Upload restriction bypass

add FF D8 FF DB in hex editor of files or adding GIF89a or GIF87; may also work 

hexeditor \\installed in kali
PreviousHTB AD Enumeration & Attacks - Skills Assessment Part INextSubdomains, directories and Vhost listing

Last updated