Not by Nmap Alone

Want to visit   +58

Author: Dmitry Boomov

The researcher will look into the possibility of internal infrastructure scanning via a victim’s browser with JavaScript disabled. Pretend all information about internal infrastructure is in the hands of a single person. Instead of forcing him or her to run nmap, you may scan a local network via the victim’s browser even if JavaScript in the said browser is restricted or disabled for security purposes. To accomplish that, you just need the target to click on the desired link.

  • Language
  • Russian

Dmitry Boomov is an information security researcher and penetration testing specialist at ONsec.

Dmitry Boomov Dmitry Boomov

Back to the list