Voorivex/pentest-guide

Features

• API Security Testing - Includes a dedicated API security testing manual focusing on JWTs and resource sharing policies.
• Security Testing Methodologies - Implements a structured, phased methodology for conducting comprehensive security audits on web applications.
• Web Application Penetration Testing - Provides a structured methodology for performing systematic security assessments and identifying flaws in web applications.
• Technology Fingerprinting - Identifies web servers and application frameworks to understand the technical environment of the target.
• Attack Payloads and Wordlists - Provides a curated library of attack payloads and wordlists to trigger and identify software flaws.
• Authentication Testing - Evaluates registration, password policies, and multi-factor authentication to identify identity management flaws.
• Information Gathering - Provides tools and techniques for collecting metadata and reconnaissance to map the attack surface.
• Insecure Direct Object References - Contains methodologies for detecting insecure direct object references and authorization enforcement issues.
• Privilege Escalation - Provides a curated framework for identifying and exploiting privilege escalation paths.
• Reconnaissance and OSINT - Offers comprehensive methodologies for attack surface mapping, technology fingerprinting, and reconnaissance.
• Sensitive Data Leakage - Provides techniques for discovering exposed secrets and sensitive data leakage across various channels.
• Server Side Request Forgery - Features a curated reference system and payloads for identifying server-side request forgery.
• Access Control Testing - Provides procedures for testing authentication bypasses and weak lockout mechanisms to identify unauthorized access to restricted areas.
• Input Payload Testing - Uses a library of specific input strings and malformed requests to trigger and identify software flaws.
• Attack Surface Mapping - Provides detailed methodologies for discovering and documenting internet-facing assets to identify organizational exposure.
• Business Logic Security - Tests for request forgery and workflow circumvention to identify flaws in functional application logic.
• Authentication Process Auditing - Analyzes login processes and credential policies to identify weaknesses in user identity verification.
• Input Validation Testing - Analyzes how systems handle input to detect injection vulnerabilities including XSS, SQL, and NoSQL.
• Session Cookie Security - Analyzes cookie attributes and session timeouts to prevent session fixation and account hijacking.
• Remote Code Execution Testing - Provides tests for command injection and buffer overflows to achieve remote code execution.
• Authorization Bypass Testing - Tests role definitions and authorization bypasses to ensure proper enforcement of user privileges.
• Privilege Escalation Testing - Provides methods to test for privilege escalation and insecure object references.
• Command Injection Payloads - Includes a library of payloads for detecting and exploiting OS command injection vulnerabilities.
• Vulnerability Research - Ships a framework with curated payloads and bug bounty case studies for documenting software vulnerabilities.
• Session Authentication - Provides a comprehensive checklist for auditing authentication mechanisms and session management.
• Vulnerability Analysis - Implements a structured analysis framework for identifying security flaws in application business logic.
• API Security Checklists - Includes a dedicated manual and checklists for analyzing token-based authentication and resource sharing in APIs.
• Web Application Security Testing Guides - Offers a comprehensive procedural framework and structured methodology for identifying web application vulnerabilities.
• Cross-Site Scripting Vulnerabilities - Provides curated guides and real-world examples for locating and exploiting Cross-Site Scripting vulnerabilities.
• SQL Injection Detection Tools - Ships educational guides and tool recommendations for detecting SQL injection vulnerabilities.
• Security Configuration Auditing - Provides guides for auditing infrastructure configurations, security headers, and server settings.
• Input Validation - Tests application responses to malicious input to detect SQL, NoSQL, and remote command execution vulnerabilities.
• Directory Traversal Exploits - Provides methodologies for exploiting directory traversal to access files outside the web root.
• Bug Bounty Resources - Organizes bug bounty research and real-world exploit reports for educational purposes.
• CORS Misconfiguration - Provides guidance for identifying Cross-Origin Resource Sharing misconfigurations that allow unauthorized data access.
• Race Condition - Provides documented use cases and guides for exploiting timing-based race condition flaws in web applications.
• Request Smuggling - Documents techniques for identifying connection desynchronization and HTTP request smuggling flaws.
• SSL and TLS Security - Provides guidelines for auditing SSL/TLS cryptographic configurations and checking for weak ciphers.
• XXE Injection - Includes specialized payloads and bypass techniques for detecting and exploiting XML External Entity vulnerabilities.
• Vulnerability Case Studies - Links theoretical vulnerability patterns to documented real-world bug bounty reports and historical exploit examples.
• Technical Case Studies - Links theoretical vulnerabilities to documented real-world bug bounty reports and case studies.
• JWT Vulnerability Analysis - Offers procedures to locate security flaws in token implementations such as unverified signatures and hardcoded secrets.
• Recovery Flow Auditing - Evaluates password reset flows and email verification to prevent unauthorized account takeovers.
• Bug Bounty Report Mappings - Maps theoretical vulnerability patterns to documented bug bounty reports and CVE data.
• Cryptographic Evaluations - Offers methods to check for weak ciphers, padding oracles, and unencrypted data transmission.
• File Upload Security - Includes checks for the upload of malicious files or unexpected types to prevent system compromise.
• Unrestricted File Uploads - Details how to test for unrestricted file uploads to achieve remote code execution.
• Hidden File Discovery - Uses fuzzing and backup file reviews to locate sensitive directories not linked in the main application.
• JWT Exploitation Techniques - Details techniques for manipulating JSON Web Tokens to forge identities or bypass authentication.
• HTTP Verb Tampering - Provides procedures for testing if changing HTTP methods can bypass restricted access controls.
• CSRF - Includes a curated guide for detecting and exploiting cross-site request forgery vulnerabilities.
• Server-Side Template Injection Methodologies - Includes research and documentation for identifying and exploiting server-side template injection.
• Threat Modeling - Evaluates business logic and access controls by simulating attacker goals and privilege escalation paths.
• Credential Brute-Forcing - Documents methods for identifying weak authentication endpoints through repetitive credential guessing.
• Checklists - Provides a detailed audit checklist for evaluating authentication, session management, and access control mechanisms.
• Execution Phases - Organizes security testing into sequenced stages of reconnaissance, analysis, and exploitation.
• Data Leak Monitors - Scans search engines and error logs to uncover sensitive data leaked through public channels.
• Open Redirect Exploits - Details techniques for detecting manipulated URL parameters that redirect users to untrusted external domains.

Star history