Welcome to our full OffSec Live recorded session on Hawat, a Proving Grounds machine!
Here's an overview of this walkthrough:
🟪 Initial Scanning and Enumeration: The walkthrough begins with an initial scan of the target, focusing on the top 10 ports, and then expands to 100 ports. Only port 22 (SSH) is found open initially. We then conducted a more thorough scan of all ports, revealing additional open ports hosting HTTP services.
🟪 Web Application Analysis and User Account Testing: We explored the web services found on the newly discovered ports, identifying functionalities like message posting, user registration, and log-ins. We experimented with these features to understand the web application's behavior, including registering and logging in with a test account.
🟪 Exploitation Techniques: We progressed to more sophisticated techniques, including directory fuzzing, examining source code, SQL injection, and exploiting vulnerabilities for potential SQL injection.
Sharpen your skills with Proving Grounds, real-world, hands-on hacking virtual labs: portal.offsec.com/labs/practice
Join OffSec Live on Fridays: / offsecofficial . We do demonstrations and walkthroughs of course topics and Proving Grounds machines. Additionally, sessions offer career guidance, including how to build a resume, how to break into #cybersecurity, and interview tips.
.
.
.
.
SQL injection, SQL injection explained, SQL injection attack in cybersecurity, SQL injection tutorial