Thanks to visit this site, please consider enhance this book with some awesome tools or techniques you know, you can contact me by Telegram(@six2dez), Twitter(@six2dez1) or Discord(six2dez#8201), GitHub pull request is welcomed too ;) Hack 'em all
Don't you know where to go now? Let me introduce you to some of the most popular pages on this wiki:
Know your target! Make a proper recon!
What can you do in those strange ports?
Doing a web pentest? Don't forget to check out any of these common attacks!
Do you have the same hype as me with cloud services? They also have their vulnerabilities
Stuck again with Windows and Kerberos? Here is my cheatsheet
I'm really proud of Pentesting Web Checklist
If you want to know which web fuzzer fits you best, take a look at the comparison.
Important note: I use this wiki daily for my work and I am constantly updating it. I'm very sorry if a link to a page changes or I move it, if you need something you are free to contact me.
You can support this work buying me a coffee: