VAPT

Hello everyone, For those of you immersed in the realms of consulting, freelancing, or cybersecurity, you've likely encountered scenarios where ports or services are inaccessible for conducting penetration tests. In such situations, a viable alternative is to assess the availability of the ping service. If ping functionality is present, leveraging ICMP attacks becomes a feasible option due to the association of ping with the ICMP protocol. In this demonstration, our target platform is https://www.hackthissite.org/, renowned for providing a secure and legitimate environment for hackers to hone their ethical hacking skills through challenges, CTFs, and more. Given that ping service is enabled on this platform, we can explore ICMP attacks. Among the various ICMP attacks, one prevalent type involves inundating the target with ICMP echo-requests, constituting a Denial-of-Service (DoS) assault termed an Internet Control Message Protocol (ICMP) flood DDoS attack or Ping flood attack. What...