Alexis Rodriguez

Nov 20, 2021

10 min read

HackTheBox: BountyHunter

XXE and Abusing Python’s eval function for Privilege Escalation

FootHold

Nmap

All Ports

nmap -Pn -n --open -vv -p- -oA recon/nmap/all-ports bounty

--

--

More from Alexis Rodriguez

I am an ex-Pen tester, now App Sec Engineer @ AWS, who writes about cybersecurity and anything related to technology. Opinions are my own.

Recommended from Medium

Will Schroeder

in

Posts By SpecterOps Team Members

Koh: The Token Stealer

Emek

Enno Wallet - A Highly Secure Wallet That Stores Crypto Assets For Individuals

Sports and Fitness Industry Association (SFIA)

New Data Privacy Rules in Europe And Their Effect on U.S. Companies

Safe Dollar

All Funds are SAFU — SafeDollar is NOT affected by Iron Finance incident

Polkassembly

Using Proxies in Polkassembly

Alexis Rodriguez

Secure Hash Function Properties

TonyRahmos

Blog — TryHackMe — WriteUp

Abhinav Pathak

in

CodeX

Google Dorks and How Hackers Use It

AboutHelpTermsPrivacy

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store
Alexis Rodriguez

Alexis Rodriguez

1.5K Followers

I am an ex-Pen tester, now App Sec Engineer @ AWS, who writes about cybersecurity and anything related to technology. Opinions are my own.

Help

Status

Writers

Blog

Careers

Privacy

Terms

About

Text to speech