Pentest Book
Python
# Analyze Python code
https://github.com/PyCQA/bandit
# Python Web Server common flaws
Input injection in filename (a filename value that ends up inside a shell command line):
"; cat /etc/passwd
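The filename flaw above, as an added example (not code from the original page): the shell-string pattern beside an allow-list check and an argument-list call. The `ls -l` command, the `uploads/` path, the function names and the filename policy are assumptions made for illustration.

```python
import json
import re
import subprocess
import sys

PAYLOAD = '"; cat /etc/passwd'  # the filename value listed above
# Assumed policy: one path component, alphanumeric first character.
SAFE_NAME = re.compile(r"[A-Za-z0-9][A-Za-z0-9._-]{0,127}")
# Stand-in child process: reports the arguments it was started with.
ECHO_ARGV = "import json, sys; print(json.dumps(sys.argv[1:]))"


def vulnerable_command(filename):
    """Anti-pattern: the filename is pasted into a string meant for a shell
    (os.system, or subprocess with shell=True). Built here, never run."""
    return f'ls -l "uploads/{filename}"'


def is_safe_filename(filename):
    """Allow-list check applied before the name is used anywhere."""
    return SAFE_NAME.fullmatch(filename) is not None


def child_argv(filename):
    """Hardened call: argument list and no shell, so the filename reaches
    the child as exactly one argument, whatever characters it contains."""
    result = subprocess.run(
        [sys.executable, "-c", ECHO_ARGV, filename],
        capture_output=True, text=True, check=True,
    )
    return json.loads(result.stdout)


if __name__ == "__main__":
    print("shell string :", vulnerable_command(PAYLOAD))
    print("allow-listed :", is_safe_filename(PAYLOAD))
    print("child argv   :", child_argv(PAYLOAD))
```

A handler that passes such a string to `os.system` or to `subprocess` with `shell=True` is what Bandit's B605 and B602 checks report.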