Skip to content

WEB Penetration testing

  • Introduction
    • Request & Response
      • Request methods
        • https://developer.mozilla.org/en-US/docs/Web/HTTP/Methods
      • Response code
        • https://developer.mozilla.org/en-US/docs/Web/HTTP/Status
      • Headers
        • https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers
    • OWASP Top 10 2021
      • https://owasp.org/Top10/
    • CWE
      • https://cwe.mitre.org/
    • CVE
      • https://cve.mitre.org/
    • CVSS
      • https://www.first.org/cvss/calculator/3.1
  • Reconnaissance
    • http://michalszalkowski.com/security/enumeration/enumeration-asn/
    • http://michalszalkowski.com/security/enumeration/enumeration-dns/
    • http://michalszalkowski.com/security/enumeration/enumeration-email/
    • http://michalszalkowski.com/security/enumeration/enumeration-linux/
    • http://michalszalkowski.com/security/enumeration/enumeration-net/
    • http://michalszalkowski.com/security/enumeration/enumeration-osint/
    • http://michalszalkowski.com/security/enumeration/enumeration-port/
    • http://michalszalkowski.com/security/enumeration/enumeration-subdomain/
    • http://michalszalkowski.com/security/enumeration/enumeration-vhost/
    • http://michalszalkowski.com/security/enumeration/enumeration-web/
    • http://michalszalkowski.com/security/enumeration/reconnaissance/
  • Tools
    • https://www.wireshark.org/
    • https://portswigger.net/burp
    • https://www.zaproxy.org/
    • https://obsidian.md/
    • https://www.kali.org/
  • Web Attacks - Analiza podatności (atak, obrona, przykład)
    • (SQLi) SQL i NoSQL injection
      • https://portswigger.net/web-security/sql-injection
      • https://portswigger.net/web-security/nosql-injection
      • http://michalszalkowski.com/security/pentesting-web/vulnerabilities/sql-injection/
      • http://michalszalkowski.com/security/payload/sql/
    • (OSi) OS Command injection
      • https://portswigger.net/web-security/os-command-injection
      • http://michalszalkowski.com/security/pentesting-web/vulnerabilities/command-injection/
      • http://michalszalkowski.com/security/payload/cmd-injection/
    • (UFU) Unrestricted File Upload
      • https://portswigger.net/web-security/file-upload
    • (XSS) Cross-site scriptin
      • http://michalszalkowski.com/security/pentesting-web/vulnerabilities/xss/
      • http://michalszalkowski.com/security/pentesting-web/vulnerabilities/xss-in-markdown/
      • http://michalszalkowski.com/security/payload/xss/
    • (XML)
      • (XXE) XML External Entity
        • https://portswigger.net/web-security/xxe
        • http://michalszalkowski.com/security/payload/xee/
      • DoS XML
        • http://michalszalkowski.com/security/pentesting-web/vulnerabilities/xml-bomb-attack/
    • (CSRF) Cross-Site Request Forgery
      • http://michalszalkowski.com/security/pentesting-web/vulnerabilities/cross-site-request-forgery-CSRF/
    • (LFI) Local File Inclusion
      • https://owasp.org/www-project-web-security-testing-guide/v42/4-Web_Application_Security_Testing/07-Input_Validation_Testing/11.1-Testing_for_Local_File_Inclusion
    • (RFI) Remote File Inclusion
      • https://owasp.org/www-project-web-security-testing-guide/v42/4-Web_Application_Security_Testing/07-Input_Validation_Testing/11.2-Testing_for_Remote_File_Inclusion
    • (DT) Directory Traversal
      • https://portswigger.net/web-security/file-path-traversal
      • http://michalszalkowski.com/security/payload/path-traversal/
    • (IDOR) Insecure Direct Object Reference
      • http://michalszalkowski.com/security/pentesting-web/vulnerabilities/idor/
    • (SSTI) Server-Side Template Injection
    • (SSRF) Server-Side Request Forgery
      • https://portswigger.net/web-security/ssrf
      • http://michalszalkowski.com/security/pentesting-web/vulnerabilities/server-side-request-forgery-SSRF/
      • http://michalszalkowski.com/security/payload/ssrf/
    • (DoS) Denial of Service and Application Denial of Service
  • (BF) Brute Force
    • create password list
      • http://michalszalkowski.com/security/bruteforce/#create-password-list
    • basic auth
      • http://michalszalkowski.com/security/bruteforce/#basic-auth
    • form auth
      • http://michalszalkowski.com/security/bruteforce/#form-auth
    • ftp
      • http://michalszalkowski.com/security/bruteforce/#ftp
    • ssh
      • http://michalszalkowski.com/security/bruteforce/#ssh
  • TLS/SSL
    • https://www.ssllabs.com/ssltest/
  • Laboratory
    • CTF - http://michalszalkowski.com/security/laboratory/ctf/
    • DVWA - http://michalszalkowski.com/security/laboratory/dvwa/
    • Mutillidae - http://michalszalkowski.com/security/laboratory/mutillidae/
    • Metasploitable2 - http://michalszalkowski.com/security/laboratory/metasploitable2/