Tag: gobuster

All the articles with the tag "gobuster".

• HTB Crocodile — The Credential Chain

  9 May, 2026

  HackTheBox Crocodile chains anonymous FTP credential disclosure into a hidden web admin login. Same structural failure shows up in agentic systems when leaked API keys legitimately authenticate into production tool-use endpoints.

• HTB Preignition — Finding the Door They Forgot

  6 Apr, 2026

  HackTheBox Preignition combines directory enumeration with default credentials to compromise an nginx web server. The same attack pattern — find the management interface, try the default key — is how AI agent tool endpoints get compromised in practice.