Page cover

Penestration Testing

Author: Anonputraid

Metode By Anonputraid:

Information Gathering

  • Wallking An Application

  • Content Discovery

Enumeration/Scanning

  • Subdomain Enumeration

  • Burp Suite

  • Nmap

  • Directory Scan

Exploitation

Server-Side :

  • SQL Injection

  • Authentication

  • Directory Traversal

  • Command Injection

  • Business Logic Vulnerabilities

  • Information Disclosure

  • Access Control

  • File Upload Vulnerabilities

  • Server-Side Request Forgery (SSRF)

  • XXE Injection

Client-Side :

  • Cross-side Scripting (XSS)

  • Cross-Side Request Forgery (CSRF)

  • Cross-Origin Resource Sharing (CORS)

  • Click-Jacking Vulnerablilities

  • DOM-Based Vulnerabilities

  • Web-Socket

Issue Type Advanced :

  • Insecure Deserialization

  • Server-Side Template Injection

  • Web-Cache Poisoning

  • HTTP Host Header Attack

  • HTTP Request Smuggling

  • Oauth Authentication

Privilege Escalation

  • What The Shell

  • Linux PriveEsc

  • Windows Privesc

Post Exploitation

  • Apa Host Lain Yang Dapat Ditargetkan (Pivoting)

  • Informasi Tambahan Apa Yang Dapat Kami Kumpulkan Dari Host Sekarang Karena Kami Adalah Privileged User.

  • Menutupi jejak Anda

  • Report

Last updated

Was this helpful?