Introduction In the ever-evolving landscape of cybersecurity, staying ahead of potential threats is paramount. As the digital realm expands, so does the attack surface of organizations, presenting a challenge for…
Category: Pentesting
RedHunt Labs introduces BucketLoot – a cutting-edge, automated S3-compatible Cloud Object Storage bucket inspector designed to empower users in securing their data. BucketLoot offers an array of powerful features, allowing users to seamlessly extract valuable assets, detect secret exposures, and search for custom keywords and Regular Expressions within publicly-exposed storage buckets.
Domain Takeover occurs when an organization does not renew its domain but still uses it in its code and infrastructure. When an attacker registers the abandoned domain, they own the domain, including its subdomains and other types of DNS records.
This blog discusses the common vulnerabilities or misconfigurations that a threat actor can exploit in login functionality, and some remediations for them.
A Burp Suite extension that identifies the historic URLs of in-scope domains from the Wayback Machine. Helps with Attack Surface Management.
In our last post Redefining Assets – A Modern Perspective we talked about how the definition of an ASSET has evolved with time and is now more inclusive. In this post, we…