We explore IDOR vulnerabilities in web-based capture services for initial access, analyze unencrypted protocol traffic for credential harvesting, and leverage misconfigured Linux capabilities for privilege escalation.
We explore open web services for initial access, manipulate vulnerable Python libraries (js2py) to achieve a sandbox escape for lateral movement, and exploit flawed input validation in sudo-enabled backup utilities for privilege escalation.
