How To Set Up Your Ultimate OOB Bug-Hunting Server
Summary
To improve your chances when bug hunting, setting up a dedicated server is paramount for any ethical hacker.
Having your own server is optimal; using a public server is okay, but it comes with some limitations and potential issues.
The most prevalent issue is that some security tools will block traffic to and from known public hacking servers, which reduces the effectiveness of using such servers.
The best solution is to set up your own ‘out-of-band’ (OOB) server, which can be created on a basic VPS with a public IP address and a domain name.
This gives you a tool to hunt for blind bugs like SSRF, XXE and Blind XSS, as well as a way to test CORS misconfigurations and host files like CSRF PoCs.
The post outlines how to set up an Interactsh Server, which is specifically designed for security testing.