Видео

What no?

Yea :)

Thank you so much! Your support really motivates us to keep creating!

More to come!

Glad you liked it!

Yes, definitely

Glad you like them!

If you can't bypass root detection or SSL pinning, you can request a modified APK/IPA from the dev team. Alternatively, you can use Frida, Objection, or even Magisk's inbuilt modules to remove root detection. For SSL pinning, Frida or custom scripts can help bypass it in real time. If none of these methods work, talking to the devs is always a good option-successful SSL pinning is a great security practice. However, if your client requests thorough testing, you should ask them for the necessary modifications.

@@redfoxsec thanks for your reply 👏

Thank you for reaching out! You can connect with us through our official website redfoxsec.com. Feel free to drop us a message, and our team will be happy to assist you!

@@redfoxsec is their any telegram contact

We're glad to hear that the video helped you better understand Android pen testing. The filesystem can be tricky, but it's great that you found the explanation clear.

Can I have a reply?

😭😭

Right?! That neck movement was on point! 🔥👌 Glad you noticed it! 😄

Yes, ESC15 is definitely on our radar! It's in our bucket list, and we’re planning to drop a video on it soon. Stay tuned, it's coming! 💪🎥

@@redfoxsec that's great! Looking forward to it

Thank you! We're glad you enjoyed the presentation!

Thanks for your interest! 🙌 Be sure to check out our channel, We've got some great penetration testing videos already up and more coming soon! 🔐💻

Also, it is mentioned that relaying to the same domain controller isn't possible, but what if we try relaying the NTLMv2 hash from DC01 to DC02 ?

@BlackwinghacksBlogspot To get a TGT, a certificate is required, and getting that certificate involves interacting with ADCS. However, if you already have the certificate, you can directly authenticate with the Domain Controller to obtain the TGT.

@BlackwinghacksBlogspot Yes, it is possible to relay the NTLMv2 hash from DC01 to DC02.

@@redfoxsec thanks guys

To test if a parameter is vulnerable to XSS, start by injecting a basic payload like "<script>alert(1)</script>". If the alert pops up in the browser, the parameter is likely vulnerable. To determine the type of XSS: Reflected XSS: The payload is immediately reflected in the response and executed. Stored XSS: The payload is stored on the server and executed later. DOM-based XSS: The vulnerability occurs in the page's JavaScript itself. Tailor your payload based on where the input is reflected (HTML, attributes, or script tags). Keep adjusting based on how the application reacts to find the exact payload that works. It's common for the application to URL-encode characters like < (%3C) and > (%3E) to sanitize input. In such cases, you can try encoding your payload manually. For example, injecting %3Cscript%3Ealert(1)%3C%2Fscript%3E in Burp Suite's request could reveal vulnerabilities if the app decodes and executes it. Additionally, you can manually obfuscate XSS payloads to bypass filters or Web Application Firewalls (WAFs). If manual obfuscation doesn't work, consider using more advanced payloads available on GitHub specifically designed to bypass WAFs. Testing different encoding formats (e.g., URL-encoded, HTML-encoded) may also help expose vulnerabilities. XSS is a broad and complex topic, so we hope this helps answer your questions! In case of any further queries, feel free to ask. Don’t forget to like, share, and subscribe for more content like this.

@@redfoxsec ohkk now I understood thank you so much for such a nice explanation :)