Hacking IIS (Recon) (Part 1)
Most IIS versions have been confirmed to be vulnerable to IIS shortname enumeration by default. This video goes into detail regarding what shortnames are, and how they are relevant when it comes to testing IIS servers. You will find some example successes in bug bounties at the end of the video.
I plan on making a few videos around IIS and .NET hacking. This is the first video in that series.
Links from the video:
https://twitter.com/irsdl
https://soroush.secproject.com/blog/
https://bit.ly/2DSwtX0
https://www.acunetix.com/blog/web-security-zone/windows-short-8-3-filenames-web-security-problem/
https://github.com/irsdl/IIS-ShortName-Scanner
Attack surface management platform: https://assetnote.io
Precious Time by Ketsa
Creative Commons Attribution
https://creativecommons.org/licenses/by-nc-nd/4.0/
Source: https://ketsamusic.com/track/1998282/precious-time
Видео Hacking IIS (Recon) (Part 1) канала Assetnote
I plan on making a few videos around IIS and .NET hacking. This is the first video in that series.
Links from the video:
https://twitter.com/irsdl
https://soroush.secproject.com/blog/
https://bit.ly/2DSwtX0
https://www.acunetix.com/blog/web-security-zone/windows-short-8-3-filenames-web-security-problem/
https://github.com/irsdl/IIS-ShortName-Scanner
Attack surface management platform: https://assetnote.io
Precious Time by Ketsa
Creative Commons Attribution
https://creativecommons.org/licenses/by-nc-nd/4.0/
Source: https://ketsamusic.com/track/1998282/precious-time
Видео Hacking IIS (Recon) (Part 1) канала Assetnote
Показать
Комментарии отсутствуют
Информация о видео
Другие видео канала
Hacking IIS (APIs and using BigQuery) (Part 2)Best Hacking Operating System!Bug Bounty Redacted #2: Third Party Subdomain Takeover & Exposed Admin InterfacesHacker101 - JavaScript for Hackers (Created by @STÖK)NahamCon2021 - Hacking IIS - @infosec_auyou need to learn Docker RIGHT NOW!! // Docker Containers 101How to Get Better at Hacking | IWCON-S22 Talk by Louis NyffeneggerHow To Be Anonymous / Invisible Online - protect your privacy & anonymityHackTheBox - OmniCatch Me If You Can - Shubham Shah & Michael Gianarakis at 44CON 2018Bruteforce Attacks and Bypassing Rate Limits with FireproxMicrosoft Reflected XSS Vulnerability, SSRF Automation | Thursday Hacking Masala | Episode #8🔥AutoRecon - Installation, Usage, & Configuration! #OSCPPhishing attacks are SCARY easy to do!! (let me show you!) // FREE Security+ // EP 2Vulnerable IIS Web Server - HackTheBox DevelMicrosoft IIS tilde directory enumeration Vulnerability | POCHow Much Do Blogs Earn in 2021? Things have changed.Microsoft PowerShell for Beginners - Video 1 Learn PowerShellHacking MS-SQL - From SQLi to Server AdministratorBackslash Powered Scanning: Hunting Unknown Vulnerability Classes