Demonstrating how Hackers search for exploits and Launching an attack with metasploit
Vložit
- čas přidán 5. 09. 2024
- Demonstrating how Hackers search for exploits, This is showing from a basic NMAP scan, using the scripting engine in NMAP, searching for the cve number, exploits on google. Showing an exploit on exploit-db, demonstrating searchsploit and connecting to my target via msfconsole.
Please, if possible, cover these advanced topics like How to bypass Drupal CMS or other secured CMS? How to bypass HARD WAF protection that stops HTML, SQL, and XSS injection payloads? Payload single-double-triple encoding using Cyber-Chef? How to find the real origin IP of secured websites behind Cloudflare, Akamai, ModSecurity, AWS CDN, etc.,? How to bypass Hard WAF using SQLMAP or Burpsuite? How to find hidden vulnerable parameters and endpoints inside the .js and .jason files? How to find hidden admin pages, cPanel pages, and WHM pages ? Please cover these important topics. Thanks
Instant sub. Glad I found you. This is a great video quick and to the point.
Thank you brother 💪💪
Instant sub, very informative vid and exactly what I was looking for
Ty bro
This is gold. Thank you!
Your welcome homie.
Haven't uploaded in a while
I'm grinding oscp still
thanks for the demonstration man.
Anytime
Also bro, i love coffee. i make it from home, i have some vids on here of my setup lol
@@Stealthycybertaco sure man. I'll watch it.
Yeah bro i feel like a parrot but instant sub youre one of my new favorites fr
ty brother
Good Work Bro it help me so much
The best of all
Please make beginner to advance level practical live website hacking, live website bug hunting, live website penetration testing, live website exploitation content video series...
🙏 😊 💯✌❤💚💙💜😍😘🤝
It's interesting video.Great!
ty bro
Thnx .
I hope u success Oscp
Thank you!
which lab did you use? . Thank
I don’t understand though. If all the exploits are readily showing through a scan, then what would be the point of bug bounty hunters?
Searching for exploits via search spoit or exploit-db = exploits that are already known to the world.
However, Bug bounty hunters are hackers / coders searching for potential exploits not released to the public.
They're performing tactics like fuzzing, debugging, and attempting random things to see how the application reacts.
If they've found a successful exploit, they either sell the hack to the shady market of hackers or release it in a bug bounty program and get paid.
Once those exploits are released to the company, they are awarded cash and a cve number
But for Windows 10 it's more difficult find exploit.I have try but it's no vulnerable with nmap.
.
make sure searchsploit is updated, use google as well. Search for exploit-db, github, and throw the term "hacking" in your search parameters on google. Ive had some peeps tell me bing worked better then google lol
ok bro thats really cool but who use W7 today ? I don't know anybody who's using W7. Could you do this action for W10 pro or W11 with the last updates please ? thanks
It's the same bro
Just like exploit db on the web.
W10 and 11 should be on there as well
@@Stealthycybertaco So what if after runing exploit it can't do nothing on http_apache server ? Can't get shell
I need to know firewal is on while you hacking this remote system
This is in a virtual environment lol
So most likely not aggressive
❤Q
what was the script?