Collaborate Disseminate
Starting Nmap 7.94SVN ( https://nmap.org ) at 2024-04-21 04:39 EDT
Note: Host seems down. If it is really up, but blocking our ping probes, try -Pn
Nmap done: 1 IP address (0 hosts up) scanned in 3.26 seconds
Anyone ever had a vulnerability scanning experience on HSM Thales Payshield?
In my company, we are performing security scans on our infrastructure and we are considering how to treat HSM. We are using Qualys, and our HSM management office … Continue reading Vulnerability scans on HSM Thales payShield [closed]
My internet would just stop randomly. Router and modem both show that they are "still connected". What it seems to do is lock up my connection for 5-20 seconds at a time. Normally, no big deal, but streaming, and some games (Lik… Continue reading ACK scans and network disconnects [closed]
OWASP ZAP is used to scan vulnerability on web application but its site says " Because this is a simulation that acts like a real attack, actual damage can be done to a site’s functionality, data, etc."
So why would someone use i… Continue reading Why use OWASP ZAP when it could damage the web application?
I am currently working on an assignment paper that asks how each type of fuzzing would work and in what use case they would be used.
I defined Feedback as a tool that would throw inputs which would deviate and check to see if those deviate… Continue reading In what use case would Mutational and Feedback fuzzing be used in?
I am working on this question which asks how you would conduct a scan of a target network to identify open service ports without revealing your IP address. It wants details such as IP address obfuscation, requirements to be met to receive … Continue reading How would you hide yourself whilst conducting a scan on a target network to identify open service ports?
I’ve been asked and given permission to scan IPs on a different continent.
The scan already takes 2-3 hours for their subnets within the country.
Will the increased latency cause a significant change to the scanning time?
Going through our application logs recently I noticed a number of instances of page requests where an invalid SHA512 digest param in a URL resulted in a 403.
A couple aspects of these requests make me suspect an email scanner is checking o… Continue reading Do email security scans that follow links replace digest params in URLs with invalid values?
Does free Snyk detect CVE in a downloaded embedded Tomcat 9.0.55 image/container?
"Dockerfile":
ADD file:* in /
CMD ["/bin/sh"]
ENV JAVA_HOME=/opt/java/openjdk
ENV PATH=/opt/java/openjdk/bin:/usr/local/sbin:/usr/local/b… Continue reading Does free Snyk detect CVE in a downloaded embedded Tomcat? [closed]
I was trying to solve some recon badge problem from pentesterlab.com
But when I tried to transfer zone (using dig axfr), the website (hackycorp.com, z.hackycorp.com) says connection failed or time out.
And if I scan it with nmap, port 53 i… Continue reading How to zone transfer – (Pentester lab – problem in recon badge – port 53 filtered ) [closed]