Web Penetration Testing

Burpsuite for Pentester: Autorize

Burpsuite for Pentester: Logger++

A Detailed Guide on httpx

Comprehensive Guide on FFUF

Burp Suite for Pentester: Repeater

Burp Suite for Pentester: Burp’s Project Management

Burp Suite for Pentester: Software Vulnerability Scanner

Burp Suite for Pentester: Active Scan++

Burp Suite for Pentester: Turbo Intruder

Burp Suite for Pentester: Burp Sequencer

Burp Suite for Pentester: HackBar

Burp Suite for Pentester: Burp Collaborator

Burp Suite for Pentester: Web Scanner & Crawler

Burp Suite for Pentester: Fuzzing with Intruder (Part 3)

Burp Suite for Pentester: Fuzzing with Intruder (Part 2)

Burp Suite for Pentester: Fuzzing with Intruder (Part 1)

Burp Suite for Pentester: XSS Validator

Burp Suite for Pentester: Configuring Proxy

Comprehensive Guide on XXE Injection

Understanding the CSRF Vulnerability (A Beginner’s Guide)

Cross-Site Scripting Exploitation

Comprehensive Guide on Cross-Site Scripting (XSS)

Comprehensive Guide on Unrestricted File Upload

Comprehensive Guide on Open Redirect

Comprehensive Guide to Remote File Inclusion (RFI)

Comprehensive Guide on HTML Injection

Comprehensive Guide on Path Traversal

Comprehensive Guide on Broken Authentication & Session Management

Comprehensive Guide on OS Command Injection

Multiple Ways to Banner Grabbing

Comprehensive Guide on Local File Inclusion (LFI)

Netcat for Pentester

WPScan:WordPress Pentesting Framework

WordPress Pentest Lab Setup in Multiple Ways

Multiple Ways to Crack WordPress login

Drupal: Reverseshell

Joomla: Reverse Shell

WordPress: Reverse Shell

Web Application Pentest Lab Setup on AWS

Web Application Lab Setup on Windows

Web Application Pentest Lab setup Using Docker

Configure Web Application Penetration Testing Lab

Web Shells Penetration Testing

Web Server Lab Setup for Penetration Testing

SMTP Log Poisoning through LFI to Remote Code Execution

Engagement Tools Tutorial in Burp suite

Payload Processing Rule in Burp suite (Part 2)

Payload Processing Rule in Burp suite (Part 1)

Beginners Guide to Burpsuite Payloads (Part 2)

Beginners Guide to Burpsuite Payloads (Part 1)

Burpsuite Encoder & Decoder Tutorial

Multiple Ways To Exploiting HTTP Authentication

Understanding the HTTP Protocol

Multiple Ways to Detect HTTP Options

Multiple Ways to Exploiting PUT Method

Understanding HTTP Authentication Basic and Digest

Beginner Guide to Understand Cookies and Session Management

Understanding Encoding (Beginner’s guide)

Brute Force Website Login Page using Burpsuite (Beginner Guide)

How to Spider Web Applications using Burpsuite

5 Ways to Create Dictionary for Bruteforcing

Shodan a Search Engine for Hackers (Beginner Tutorial)

5 Ways to Directory Bruteforcing on Web Server

Beginner Guide to Google Dorks (Part 1)

Command Injection Exploitation in DVWA using Metasploit (Bypass All Security)

Server Side Injection Exploitation in bWapp

File Upload Exploitation in bWAPP (Bypass All Security)

Hack File upload Vulnerability in DVWA (Bypass All Security)

Apache Log Poisoning through LFI

Web Server Exploitation with LFI and File Upload

RCE with LFI and SSH Log Poisoning

How to set up SQLI Lab in in Kali

Beginner’s Guide to SQL Injection (Part 1)

Beginner Guide to SQL Injection Boolean Based (Part 2)

How to Bypass SQL Injection Filter Manually

Form Based SQL Injection Manually

Dumping Database using Outfile

Manual SQL Injection Exploitation Step by Step

Beginner Guide to Insecure Direct Object References (IDOR)

Comprehensive Guide to Sqlmap (Target Options)

File System Access on Webserver using Sqlmap

Exploiting Form Based Sql Injection using Sqlmap

Exploiting Sql Injection with Nmap and Sqlmap

Easy way to Hack Database using Wizard switch in Sqlmap

SQL Injection Exploitation in Multiple Targets using Sqlmap

Sql Injection Exploitation with Sqlmap and Burp Suite (Burp CO2 Plugin)

Exploiting the Webserver using Sqlmap and Metasploit (OS-Pwn)

Command Injection Exploitation through Sqlmap in DVWA

Shell uploading on Web Server using Sqlmap

Database Penetration Testing using Sqlmap (Part 1)

Command Injection to Meterpreter using Commix

Exploit Command Injection Vulnerability with Commix and Netcat

Powershell Injection Attacks using Commix and Magic Unicorn

Commix-Command Injection Exploiter (Beginner’s Guide)

Shell Uploading in Web Server through PhpMyAdmin

Web Penetration Testing with Tamper Data (Firefox Add-on)

Command Injection Exploitation using Web Delivery (Linux, Windows)

5 Ways to Crawl a Website