Defender's Notes
Resources


Last updated 4 years ago


Toolkit

  • Attack platform (Kali, ParrotOS, etc)

  • Automated tools (Burp Scanner, Dirbuster, Nikto, etc)

  • Browser (Add-ons)

  • Interception proxies (Burp or ZAP)

Metasploit

There are more than 150 entries that can be used for web server scanning, crawling, and querying:

  • auxiliary/scanner/http/

  • Basic Spiders: auxiliary/crawler/msfcrawler and auxiliary/scanner/http/crawler

  • wmap (Web Scanning not updated since 2012)

  • sqlmap

Guides

OWASP WSTG - Web Security Testing Guide: https://owasp.org/www-project-web-security-testing-guide/v41/

PortSwigger - Server-Side Template Injection: https://portswigger.net/web-security/server-side-template-injection

WebApp Hacking: Web Application Technologies, Part 1: https://www.hackers-arise.com/post/2018/07/22/web-app-hacking-web-application-technologies-part-1

Training Resources

KONTRA - OWASP Top 10, free appsec training: https://application.security/free-application-security-training

For Self Hosted Vulnerable Web Apps or Sites see: https://notes.defendergb.org/other-resources

Scripts

Haksecuritytxt: takes a list of domains as input, checks whether each has a security.txt, and outputs the results. https://github.com/hakluke/haksecuritytxt

Wordlist

Full wordlist: https://github.com/SilverPoision/a-full-list-of-wordlists/tree/master/Wordlists/burp_pack

Other Resources

Why Server-Side Input Validation Matters: https://soatok.blog/2020/04/27/why-server-side-input-validation-matters/amp/?__twitter_impression=true