RT @vxunderground@twitter.com
We have seen many tweets recently about silly malware concepts like "syscalls", "unhooking", or "obfuscation".
Here is our #1 #RedTeamTip to avoid EDRs. Use an RPG-7 to obliterate the computer. The EDR cannot detect your malware if the computer is not operational
https://twitter.com/vxunderground/status/1613351605901860865
ffuf (Fuzz Faster U Fool)
Fast web fuzzer written in Go that allows typical directory discovery, virtual host discovery (without DNS records) and GET and POST parameter fuzzing
GitHub link:
https://github.com/ffuf/ffuf
Resources
Comprehensive Guide on ffuf
https://www.hackingarticles.in/comprehensive-guide-on-ffuf/
How to Fuzz Web Applications using FFuf - Web Security Tutorial
https://www.freecodecamp.org/news/web-security-fuzz-web-applications-using-ffuf/
Top 25 Example Usage of ffuf Web Fuzzer
https://allabouttesting.org/top-25-example-usage-of-ffuf-web-fuzzer/
HOW TO FIND ZERO-DAY VULNERABILITIES WITH ffuf
https://www.securitynewspaper.com/2022/06/11/how-to-find-zero-day-vulnerabilities-with-fuzz-faster-u-fool-ffuf-detailed-free-fuzzing-tool-tutorial/
#infosec #ffuf #pentesting #bugbounty #bugbountytip #redteamtip #zeroday #kalilinux