Search this site
Skip to main content
Skip to navigation
Pentesting 101
Home
Principles and Frameworks
Pentester's Guide
Reconnaissance
Web applications
Content Discovery
Enumeration
Subdomain Enumeration
Username Enumeration
Password Enumeration
Exploitation
Cookie Tampering
URL Basics
Server-Side Request Forgery
IDOR Exploitation
File Inclusion
Command Injection
Cross-Site Scripting
SQL Injection
Privilege Escalation
Post-Exploitation
Resources
Pentesting 101
Resources
TOOLS
ENUMERATION
FFUF
- fuzzing and automated content discovery
CRACKSTATION
-
free online password hash cracker + wordlists
BASE64
-
encode and decode Base64 data
EXPLOITATION
REQUESTBIN
-
Collect HTTP or webhook requests
XSSHUNTER
-
Tool for finding XSS vulnerabilities and managing payloads
BURP SUITE
- Tool
kit for web and mobile application penetration testing
ORGANIZATIONS
Google Sites
Report abuse
Page details
Page updated
Google Sites
Report abuse