endpoint and cloud security has been replaced with "elastic defend" ?

Am I the only one that can't get logging with apparmor to work when auditd is installed?

This guy really is one of my favorite people. Thank you for existing Ipp!

What main operating system do you use @ippsec? Is it like bare metal ubuntu and all the security stuff you do is on VM's or some other kind of setup? Thank you in advance!

PHP sees everything you put in ?public as a string. So "false" and "0" is not false and 0 😊

1:06:48 we're still watching the video because we like you and you rule! <3

When will update us with a vim set up and tmux ?

thx

Push!

Amazing that you provide such writeups, it’s pretty helpful to get the mindset for CTFs

you checked the /proc directory and process name to see the encrypted bash script but that because the script is paused and take long time to process , how to get the actual script if that not paused and run quickly ?

Thank you very much! Please do more!!! Subscribed already.

what you do when you get stuck at some point

unique butt fun box

unique butt fun.

Ippy faces everywhere, humble Ipps without temptation

Hey how did you enable Line number in vim?

Hey Ippsec, I really adore these types of boxes as a M4lware Analyst / reverse engineer. I thought initially this one was created by 0xdf. Do you know if HTB will ever have a similar kinda platform focussed on solely mal ware analysis / reverse engineering?

I was waiting for this video. I was like “Wait….. no video” It's Sunday but then I was like no it's Saturday. I just have to wait :)

First one is me , thank you so much ippsec for this information

Go buster vhost won’t work for me what do you do to make it work ?

Hello, it's probably a noob question but I have to ask it : I tried gobuster, dirbuster, dirsearch, but nothing worked even after I excluded 302 status and 279 length answers, I'm really struggling to understand what I'm doing wrong. I did some research and I understood that "gobuster sends a request to a non-existent URL to test the server response, this is to prevent false positives." and that it's refusing " to continue, because it won't have a way to distinguish false positives: the server returns 200 OK for whatever URL you feed it." the only suggestion given from the website I found the answer on is to browse the site manually, but how can I be sure to not miss anything important by doing it this way ? So my question is : is there any other way to get arund this problem ?

Push!

Just a question did you choose to go for the API fuzzing following the gobuster dir -u dev.devvortex.htb -w /usr/share/dirbuster/wordlists/directory-list-2.3-medium.txt or ffuf -w /opt/useful/SecLists/Discovery/Web-Content/directory-list-2.3-medium.txt:FFUZ -u dev.devvortex.htb/FFUZZ -ic -t 100, knowing by heart that something interesting should come up following the API requests, via your experience, or we should ALWAYS aim for going through each folder, hoping something interesting could come up? Of course, I assume it's the first case, nevertheless, I am curious. Thanks a million, your walkthroughs rock!

I don't need to use any CVE in zoneminder users, just exploit misconfiguration in its web services

But where is the root flag?

If ippsec is confuse, then everyone is confuse.

Hmm cannot seem to find the tmux.conf file in my home directory?

Hi there! I love your videos, and I recently started doing HackTheBox CTFs with free plan. But unlike other platforms, I face some issues when connecting to the machines. I use my Kali Linux VM to connect to the machines with a VPN, but the latency is so large that I can't even properly do some basic recon. Is there anything I can do to resolve this? I'm having a hard time using the machine because of the latency. I tried different regions and both the UDP and TCP protocols for the VPN file, but there was no change. Am I missing something, or is there anything I can do to resolve this? Oh, BTW, I'm from India.

Awesome video as always! Looking forward to the next one :)

hail to the king

how does he split the terminal?

I wonder if the fix can be bypassed by encoding the 'public' GET parameter

I loved this, as usual

Hi ippsec, how do you get a fully interactive powershell reverse shell ?

Please make video for Usage machine

Thanks for the knowledge!

How long does it take you to do an easy box on average

Hey Lois, remember the time I became IppSec and recorded a video for HackTheBox? 0:00

I just love your content

Started watching ippsec since popcorn

you insipire me so much to crreate my own channel

At 3:21 you directly get results for HackTheBox

😊😊

Please hacking Environment setup vedio with Parrot HTB

Hold me accountable yall!!!

is it necessary to do a virtual hosts enumeration when we can do a dns zone transfer with the box? I would expect all the virtual hosts to be in the response of the zone transfer.

I liked this box, I used ldapdomaindump for svc_deploy and then the netexec module for laps. I couldn’t find the laps password with the Microsoft documentation:(