davidenetti/OffensiveWeb_notes

OffensiveWeb_notes

My notes about web pentesting

Categories:

  • Information gathering
  • IIS tilde enumeration
  • Fuzzing using GoBuster
  • JavaScript deobfuscation
  • XSS
  • SQL injection
  • SQLMap
  • Command injection
  • File upload attacks
  • Server side attacks (SSRF, SSI, SSTI, XSLT injection)
  • Login brute force
  • Broken authentication
  • HTTP verb tampering
  • IDOR
  • XML External Entity Injection
  • File inclusion
  • Session security
  • Web services and API attacks (REST, SOAP, GraphQL)
  • WordPress hacking
  • LDAP security
  • Insecure deserialization
  • Mass assignment vulnerabilities
