Пропускане към основното съдържание

Offensive-Penetration-Security

Offensive Penetration Security, is an IT organization, which protects its customers from malicious peoples.


We provide IT consultation, we can build your security platforms for your company.
We can study your guys from your SOC center.
We can build custom software, based on SSET to protect your company.
We can be your security analysts!
We can beat your cyber fears and we can protect your sensitive information from inside and outside!
Please feel free to contact us at email: ops-secur1ty@protonmail.com
M.S Director and Manager
V.V @nu11secur1ty S.A.I.E Technical Manager
BR

Коментари

Popular Posts

CVE-2021-44228

REPRODUCE OF THE VULNERABILITY =): Collaboration: silentsignal

CVE-2022-21907

Donate if you are not shame!

DVWA - Brute Force (High Level) - Anti-CSRF Tokens

This is the final "how to" guide which brute focuses Damn Vulnerable Web Application (DVWA), this time on the high security level. It is an expansion from the "low" level (which is a straightforward HTTP GET form attack). The main login screen shares similar issues (brute force-able and with anti-CSRF tokens). The only other posting is the "medium" security level post (which deals with timing issues). For the final time, let's pretend we do not know any credentials for DVWA.... Let's play dumb and brute force DVWA... once and for all! TL;DR: Quick copy/paste 1: CSRF=$(curl -s -c dvwa.cookie "192.168.1.44/DVWA/login.php" | awk -F 'value=' '/user_token/ {print $2}' | cut -d "'" -f2) 2: SESSIONID=$(grep PHPSESSID dvwa.cookie | cut -d $'\t' -f7) 3: curl -s -b dvwa.cookie -d "username=admin&password=password&user_token=${CSRF}&Login=Login" "192.168.1...