Most (if not all) bug bounty hunters know what a subdomain takeover is and what its impact is, but do you know how to actually take over the domain and make a working proof of concept?
Bits of automation with Python packages! Really cool box to learn different techniques, like trying to use an SMTP server to send emails using gathered data. Recommend it 100%
Windows box and enumeration! Fuse combines a thorough exploration of different services to gather information and then use a password spraying attack to get a foothold into the system, after that a permissions misconfig allows us to get admin!
Do you like finding rabbit holes? If so, this machine is for you. And don’t forget that googling for exploits is crucial!
Machine with different virtual hosts, one of them with a vulnerable openEMR instance. From there docker and Memcached are the way to root
Here is my write-up of how I solved HackerOne h1-2006 CTF, definitely learned a lot of new things!
Did you know about SETENV? What about using PYTHONPATH? Recon never ends, credentials are never enough, especially in Admirer!