
davidenetti/OffensiveWeb_notes


OffensiveWeb_notes

My notes about web pentesting

Categories:

  • Information gathering, with specific additions for web applications;
  • Fuzzing using ffuf;
  • JavaScript deobfuscation;
  • XSS;
  • SQL injection;
  • SQLMap;
  • Command injection;
  • File upload attacks;
  • Server-side attacks (SSRF, SSI, SSTI, XSLT injection);
  • Login brute force;
  • Broken authentication;
  • HTTP verb tampering;
  • IDOR;
  • XML External Entity Injection;
  • File inclusion;
  • Session security;
  • Web services and API attacks;
  • WordPress hacking.
