d4Rk's 1337 h4x0r guide

Search

⌃K

Links

Reconnaissance

Enumeration

Network discovery

Webserver scanning

Exploit detection

Process monitoring

Exploitation

SQL injection (SQLi)

Cross site scripting (XSS)

File inclusions (LFI, RFI)

Directory traversal

Cross site request forgery (CSRF)

XML external entity (XXE)

Cross origin resource sharing (CORS)

Server-side request forgery (SSRF)

Server-side template injection (SSTI)

Access control vulnerabilities

Authentication vulnerabilities

Host header attacks

OS command injection

HTTP Request smuggling

Insecure deserialization

Web cache poisoning

Buffer overflow

Privilege escalation

Post exploitation

Standalone Tools

Services

File transfer

VBScript: Wget clone

Misc

Firefox extensions

Memory forensics

Metasploit Framework (MSF)

Pass the Hash (PTH)

PowerShell on Linux

Wordlists and dictionaries

Bug Bounty

Powered By GitBook

Web

Here are the articles in this section:

SQL injection (SQLi)

Cross site scripting (XSS)

File inclusions (LFI, RFI)

Directory traversal

Cross site request forgery (CSRF)

XML external entity (XXE)

Cross origin resource sharing (CORS)

Server-side request forgery (SSRF)

Server-side template injection (SSTI)

Access control vulnerabilities

Authentication vulnerabilities

Host header attacks

OS command injection

HTTP Request smuggling

Insecure deserialization

Web cache poisoning

Passwords & credentials

SQL injection (SQLi)