Did you know with Sentry's event fingerprinting you can group errors with greater granularity? If you're querying an API service, the stack trace is generally the same even if the outgoing request is very different. Add it to your Sentry.init beforeSend function.
Afi SV’s Post
-
Found this to be a little challenging on the privilege escalation side. Overall, really liked this box - Gaining a foothold is practically given to you - it compensates for the "easiness" by 1) Finding the exploit for privilege escalation 2) How to actually leverage the exploit 3) Getting onto the target machine. Important lesson: Don't be careless with how you set up FTP on your system ;)
-
After gaining access to the Domain Controller, let's dump the hashes using the secretsdump tool.
-
The foothold exploit used CRLF injection, a technique that inserts carriage return (CR) and line feed (LF) characters into user-supplied input. This tricks the server, application, or user into interpreting the injected sequence as the end of one response and the beginning of another. Finally, I used `sudo -l` to list the allowed (and forbidden) commands for the invoking user, which can be used for further privilege escalation.
Owned Perfection from Hack The Box!
-
🚨 It's time to update your ProjectDiscovery Nuclei CLI/SDK. This release brings:
- A new -dast flag to run DAST Templates (previously known as Fuzzing).
- A pre-condition field for the code protocol and DAST Templates.
- Fixes for multiple crashes/panics.
- Fixes for multiple issues related to query parameter DAST (fuzzing) templates.
- Multiple bug fixes in OAST, matcher-status, and much more.
Check out https://lnkd.in/dms_5Tvf for more release details and other important changes.
-
🫠 Tricky machine to get a foothold on because I am not quite used to inspecting traffic with Wireshark but eventually got there! 👾 Also make use of an IDOR vulnerability to download the right .pcap file. After that simply run linpeas for privilege escalation. It will highlight what you need to do.
Owned Cap from Hack The Box!
-
A very easy box, but a fun exercise to exploit the infamous SMB hack that allowed WannaCry to storm the world. There are several ways to go about this hack. I spent some time crafting a msfvenom payload and then trying a .py exploit, but I kept getting line errors in unexpected places. At the end of the day, msfconsole is one heck of an easy tool as a backup. This is a great beginner box in my opinion, a great toe in the water for smbclient usage, nmap, msfconsole, and meterpreter.
Owned Blue from Hack The Box!
-
Budding #EthicalHacker | Top 1% on #TryHackMe | #ZeroTrust | Knows #python | Aiming to get #CREST #CPSA and #OSCP
NMAP > RCE Exploit > Shell > User Flag > NC > more stable/interactive shell > Discover CloudMe > Chisel > create payload with MSFVenom > update BOF exploit with payload > run BOF exploit > root shell > root flag!
Owned Buff from Hack The Box!
-
Join Butch Mayhew, Head of Quality & Reliability at Tilled on Wednesday, April 3rd at 12:00 CDT to learn more about debugging errors faster while protecting user privacy with Session Replay with Sentry (sentry.io)!
Join me Wednesday, April 3rd 2024, 12:00 pm CDT as I walk through how we use Sentry (sentry.io) Session Replays as a part of our feedback loops in a super secure way! https://lnkd.in/e8VnmFEM
Debug Errors Faster while Protecting User Privacy with Session Replay
-
Did you know that you can easily redirect to a proxied API using fallback mode if no rule matches? Additionally, by combining fallback mode with wildcard paths, you can create "guard" routes that apply the same rules to all your mock API endpoints. Learn more in our tutorial: https://lnkd.in/eFmWS4KH