Our community has moved to Discord. Join us there!
Cybr.com/Discord
These forums are still up for historical purposes.

Home Page Forums General Discussions Common mistakes when using tools ?

  • Common mistakes when using tools ?

    Posted by Deleted User on May 13, 2021 at 1:19 pm

    Hello everyone i have a question about tools like Commix and SQLMap i have done general research on each and both look promising to use. Also of course i am learning how to use them effectively on this platform. My question is how do i not make common mistakes that will lead to failure in finding a POC in the real world ?

    Deleted User replied 2 years, 10 months ago 2 Members · 2 Replies
  • 2 Replies
  • Christophe

    Administrator
    May 17, 2021 at 4:22 pm

    Some ideas:

    • Before using tools against production applications, make sure you understand how they work. For example, sqlmap can be potentially destructive, so if you just point & shoot at a target and do damage, that could end up being a bad day for everyone
    • Another recent example with linPEAS. The tool was modified before the test taker took the exam, and there was an added feature they weren’t aware of that broke the exam’s rules. This is important in the real world too because it could lead to legal problems
    • Just because an automated tool doesn’t find anything doesn’t mean there’s nothing there. Sometimes tools don’t find what manual can
  • Deleted User

    Deleted User
    May 18, 2021 at 1:24 pm

    You make valid points it seems that everyone out there prides themselves on hunting manually and using tools makes you nothing more than a script kiddie. Honestly i don’t care what anyone thinks all i care about is finding bugs and doing it right and of course stay within legal limits of a bug bounty.

Log in to reply.