Find answers, ask questions, and connect with our
welcoming community.

Home Page Forums General Discussions Common mistakes when using tools ?

  • Common mistakes when using tools ?

     Anthony updated 1 month ago 2 Members · 3 Posts
  • Anthony

    Member
    May 13, 2021 at 1:19 pm

    Hello everyone i have a question about tools like Commix and SQLMap i have done general research on each and both look promising to use. Also of course i am learning how to use them effectively on this platform. My question is how do i not make common mistakes that will lead to failure in finding a POC in the real world ?

  • Christophe

    Administrator
    May 17, 2021 at 4:22 pm

    Some ideas:

    • Before using tools against production applications, make sure you understand how they work. For example, sqlmap can be potentially destructive, so if you just point & shoot at a target and do damage, that could end up being a bad day for everyone
    • Another recent example with linPEAS. The tool was modified before the test taker took the exam, and there was an added feature they weren’t aware of that broke the exam’s rules. This is important in the real world too because it could lead to legal problems
    • Just because an automated tool doesn’t find anything doesn’t mean there’s nothing there. Sometimes tools don’t find what manual can
  • Anthony

    Member
    May 18, 2021 at 1:24 pm

    You make valid points it seems that everyone out there prides themselves on hunting manually and using tools makes you nothing more than a script kiddie. Honestly i don’t care what anyone thinks all i care about is finding bugs and doing it right and of course stay within legal limits of a bug bounty.

Viewing 1 - 3 of 3 replies

Log in to reply.

Original Post
0 of 0 posts June 2018
Now