SECPORT
SECPORT
  • 7
  • 223
Exploiting SSTI & SUID Binaries for Privilege Escalation | GTFObins Demo
In this video, I provide a hands-on demonstration of Server-Side Template Injection (SSTI) vulnerability exploitation and show how to use SUID binaries like find and gawk for privilege escalation, leveraging techniques from GTFObins. This tutorial is ideal for newbies, cybersecurity enthusiasts and hobbyists, offering practical insights into exploiting web vulnerabilities and escalating privileges in a controlled lab environment.
If you find this content helpful, please like, share, and subscribe for more in-depth cybersecurity tutorials and demos!
มุมมอง: 0

วีดีโอ

Can ChatGPT do SAST?7:52Can ChatGPT do SAST?
Can ChatGPT do SAST?
มุมมอง 17หลายเดือนก่อน
A friend of mine asked me if ChatGPT could do SAST, so I decided to put it to the test. I've included a short demo of SonarQube as well to show the kind of SAST tools used in the industry to scan for and fix insecure code. Disclaimer, I am neither a developer nor an SAST/DAST expert. This is purely for experiment sake. I do hope you learn something from it though.
ChatGPT generated GoPhish Templates12:18ChatGPT generated GoPhish Templates
ChatGPT generated GoPhish Templates
มุมมอง 65หลายเดือนก่อน
Just an experiment to see how well ChatGPT can generate convincing Gmail-looking GoPhish templates. Authorized, corporate, email phishing campaigns are important to any company/organization to assess their vulnerability to social engineering attacks like phishing. *This video is meant for educational purpose, please do not abuse GoPhish or ChatGPT for malicious use!
C2, Botnet & DDoS8:18C2, Botnet & DDoS
C2, Botnet & DDoS
มุมมอง 1012 หลายเดือนก่อน
In this video, we dive into the mechanics behind these cybersecurity threats, showcasing how C2 servers operate, the structure and behavior of botnets, and the impact of DDoS attacks on targeted systems.
DoS/DDoS Demonstration8:52DoS/DDoS Demonstration
DoS/DDoS Demonstration
มุมมอง 142 หลายเดือนก่อน
In this DDoS demonstration, we'll simulate a Distributed Denial of Service attack using MHDDoS on an Nginx webserver. By directing a flood of traffic to a target web server, we will observe how the overwhelming number of requests can render the server unresponsive. This practical exercise highlights the importance of robust security measures and traffic management to mitigate such attacks.
Load Balancers & Cybersecurity7:02Load Balancers & Cybersecurity
Load Balancers & Cybersecurity
มุมมอง 62 หลายเดือนก่อน
What do Load-Balancers have to do with Cybersecurity? Not much, however, some commercial load-balancers come with WAF features. This enables an additional layer of security for your webservers.
ChatGPT Made WAF & Vulnerable VM12:32ChatGPT Made WAF & Vulnerable VM
ChatGPT Made WAF & Vulnerable VM
มุมมอง 212 หลายเดือนก่อน
ChatGPT generated vulnerable VM: -Ubuntu 22.04 Jammy Jellyfish -Nginx 1.18.0 (Web Server) -MariaDB 10.6.16 (SQL Server) ChatGPT generated WAF: -ChatGPT generated GoLang (GO 1.18.1) code for WAF Firewall VM: -IPFire 2.29 (x86_64) - Core-Update 186, firewall with port-forwarding configured