Use SVG images to gain stored XSS via uploading an SVG image.
Open S3 buckets can be used to find sensitive data. Dont forgot about google cloud storage though.
RCE exposed kubernetes API
RCE exposed docker API
Hacking elastic search databases
OWASP top 10 – How to hack sites vulnerable to Xml External Entity attack.
Companies always want to use bleeding edge technology. With new technology comes new vulnerabilities.
Open source intelligence gather is an important skill set to have. Learn to how discover employees of an organization.
The wayback machine archives the entire internet. Lets leverage it to find vulnerabilities on engagements.
Slack Group Before we get started I have started a slack group dedicated to hacking. We welcome everyone from beginner…