Collaborate Disseminate
I am trying to analyze HTTP traffic of our application.
Application has two accessible portals, one accessible by admin.localhost:3002 and the other accessible by localhost:3002
I have Burp Suite proxy on 127.0.0.1:8080, certs configured i… Continue reading Unknown host on Burp Suite when trying to access *.localhost
I have a website with a URL of lets say "123.example.com" where I am hosting a large ERP system. Does hosting the application at "123.example.com/myapp" provide any layer of security from malicious web crawlers/bots etc… Continue reading Subdomain vs Virtual Path discovery by bots
So I am resolving room Wekor at tryhackme. The room says we need to use the domain "wekor.thm". So I added the domain to /etc/hosts
There is a hidden subdomain site.wekor.thm. I’ve already read the walkthrough.
When I tried to … Continue reading Gobuster doesn`t work properly
I am wondering how we can effectively extract all subdomains of given website? For example, the free hosting websites, I would like to extract all subdomains and see if I can find some subdomains related to our company that’s maybe used fo… Continue reading efficient subdomain extraction [duplicate]
Many new TLDs have mandatory HTTPS requirements. Is there a way to disable that for subdomains? If not does that mean an expensive wildcard SSL certificate will need to be used with these domains?
So if I have a service running at sub.doma… Continue reading Do subdomains of a TLD with mandatory HTTPS require a wildcard certificate?
I have been researching various common techniques for preventing CSRF attacks, such as SameSite, Secure, and CSRF Tokens, and how they can be bypassed. I found that the following vulnerabilities exist:
A website’s subdomain or sibling dom… Continue reading Can strict ‘Referer’ validation also be bypassed with vulnerable subdomains?
I found this subdomain dump or whatever this of pipedrive website on ghostbin. I was wondering what threat this poses to the organisation and what can be done if anything to mitigate the threat.
••bicloud p,pednve com
,icenda p1pedrive.com… Continue reading what is a subdomain dump and is it dangerous? [duplicate]
Are there any security reasons against "drop-www"?
In other words, are there any security reasons against using an apex [1] domain name such as example.com instead of a subdomain such as www.example.com?
Quote https://www.bjornjo… Continue reading Are there any security reasons against "drop-www" (using example.com instead of www.example.com)?
Eepsites are similar to Tor’s hidden services, but based on the I2P anonymity network.
Named eepsites use central registrars like stats.i2p and no.i2p. Each eepsite also has a b32 domain which is a base32-encoded string that is used to con… Continue reading Is it possible to enumerate registered eepsite (I2P) subdomains?
I am curently scanning for open ports on a subdomain. Say I have example.com and subdomain.example.com, but this subdomain can only be reached at port 8443. How can I scan for other potential open ports? Nmap will show this warning when tr… Continue reading Scan for open ports on subdomain