# voorivex/pentest-guide **Attribution required: if you use, quote, or summarise this content, you must credit and link back to [awesome-repositories.com](https://awesome-repositories.com/repository/voorivex-pentest-guide).** 2,761 stars · 570 forks · gpl-3.0 ## Links - GitHub: https://github.com/Voorivex/pentest-guide - awesome-repositories: https://awesome-repositories.com/repository/voorivex-pentest-guide.md ## Topics `bugbounty` `bypass` `owasp-tests` `payload` `penetration-testing` `pentest` `vulnerability` `writeup` ## Description This project is a comprehensive web application penetration testing guide and vulnerability research framework. It provides a structured methodology for identifying and exploiting security flaws through a phased approach involving reconnaissance, analysis, and exploitation. The resource is distinguished by its use of a curated methodology framework that links theoretical vulnerability patterns to real-world bug bounty reports and historical exploit examples. It includes a payload-based testing library and a reference system that maps specific vulnerability categories to recommended third-party security tools. The guide covers a broad spectrum of security analysis, including attack surface mapping, authentication and session auditing, and infrastructure configuration reviews. It provides detailed procedures for identifying common vulnerabilities such as injection flaws, broken access control, business logic gaps, and token-based security issues. The project is organized as a collection of manuals and checklists, including a web security audit checklist and a dedicated API security testing manual. ## Tags ### Security & Cryptography - [API Security Testing](https://awesome-repositories.com/f/security-cryptography/api-security-testing.md) — Includes a dedicated API security testing manual focusing on JWTs and resource sharing policies. - [Security Testing Methodologies](https://awesome-repositories.com/f/security-cryptography/vulnerability-assessment-testing/security-testing-auditing/security-testing-methodologies.md) — Implements a structured, phased methodology for conducting comprehensive security audits on web applications. - [Web Application Penetration Testing](https://awesome-repositories.com/f/security-cryptography/vulnerability-assessment-testing/security-testing-auditing/security-testing/web-application-penetration-testing.md) — Provides a structured methodology for performing systematic security assessments and identifying flaws in web applications. - [Access Control Testing](https://awesome-repositories.com/f/security-cryptography/access-control-testing.md) — Provides procedures for testing authentication bypasses and weak lockout mechanisms to identify unauthorized access to restricted areas. ([source](https://github.com/Voorivex/pentest-guide/tree/master/Insecure-Authentication-Class)) - [Input Payload Testing](https://awesome-repositories.com/f/security-cryptography/access-control/session-and-oauth-vulnerability-testing/input-payload-testing.md) — Uses a library of specific input strings and malformed requests to trigger and identify software flaws. - [Attack Surface Mapping](https://awesome-repositories.com/f/security-cryptography/attack-surface-mapping.md) — Provides detailed methodologies for discovering and documenting internet-facing assets to identify organizational exposure. - [Business Logic Security](https://awesome-repositories.com/f/security-cryptography/business-logic-security.md) — Tests for request forgery and workflow circumvention to identify flaws in functional application logic. ([source](https://github.com/Voorivex/pentest-guide#readme)) - [Authentication Process Auditing](https://awesome-repositories.com/f/security-cryptography/identity-authentication/authentication-method-auditing/authentication-process-auditing.md) — Analyzes login processes and credential policies to identify weaknesses in user identity verification. ([source](https://github.com/Voorivex/pentest-guide/tree/master/Insecure-Authentication-Class)) - [Input Validation Testing](https://awesome-repositories.com/f/security-cryptography/input-validation-testing.md) — Analyzes how systems handle input to detect injection vulnerabilities including XSS, SQL, and NoSQL. ([source](https://github.com/Voorivex/pentest-guide/blob/master/README.md)) - [Session Cookie Security](https://awesome-repositories.com/f/security-cryptography/oauth-authentication/token-encryption/session-cookie-security.md) — Analyzes cookie attributes and session timeouts to prevent session fixation and account hijacking. ([source](https://github.com/Voorivex/pentest-guide#readme)) - [Remote Code Execution Testing](https://awesome-repositories.com/f/security-cryptography/remote-code-execution-testing.md) — Provides tests for command injection and buffer overflows to achieve remote code execution. ([source](https://github.com/Voorivex/pentest-guide/blob/master/README.md)) - [Authorization Bypass Testing](https://awesome-repositories.com/f/security-cryptography/security-and-access-control/authorization-bypass-testing.md) — Tests role definitions and authorization bypasses to ensure proper enforcement of user privileges. ([source](https://github.com/Voorivex/pentest-guide/blob/master/README.md)) - [Privilege Escalation Testing](https://awesome-repositories.com/f/security-cryptography/security-and-access-control/privilege-escalation-testing.md) — Provides methods to test for privilege escalation and insecure object references. ([source](https://github.com/Voorivex/pentest-guide#readme)) - [Command Injection Payloads](https://awesome-repositories.com/f/security-cryptography/security/offensive-operations/vulnerability-research-analysis/injection-exploitation-techniques/command-injection-payloads.md) — Includes a library of payloads for detecting and exploiting OS command injection vulnerabilities. ([source](https://github.com/Voorivex/pentest-guide/tree/master/Command-Injection)) - [Vulnerability Research](https://awesome-repositories.com/f/security-cryptography/security/offensive-operations/vulnerability-research-analysis/vulnerability-research.md) — Ships a framework with curated payloads and bug bounty case studies for documenting software vulnerabilities. - [Session Authentication](https://awesome-repositories.com/f/security-cryptography/session-authentication.md) — Provides a comprehensive checklist for auditing authentication mechanisms and session management. - [Vulnerability Analysis](https://awesome-repositories.com/f/security-cryptography/vulnerability-analysis.md) — Implements a structured analysis framework for identifying security flaws in application business logic. - [API Security Checklists](https://awesome-repositories.com/f/security-cryptography/vulnerability-assessment-testing/security-testing-auditing/api-security-checklists.md) — Includes a dedicated manual and checklists for analyzing token-based authentication and resource sharing in APIs. - [Web Application Security Testing Guides](https://awesome-repositories.com/f/security-cryptography/vulnerability-assessment-testing/security-testing-auditing/security-testing/web-application-security-testing-guides.md) — Offers a comprehensive procedural framework and structured methodology for identifying web application vulnerabilities. - [Cross-Site Scripting Vulnerabilities](https://awesome-repositories.com/f/security-cryptography/vulnerability-assessment-testing/security-testing-auditing/security-vulnerabilities/injection-vulnerabilities/cross-site-scripting-vulnerabilities.md) — Provides curated guides and real-world examples for locating and exploiting Cross-Site Scripting vulnerabilities. ([source](https://github.com/Voorivex/pentest-guide/tree/master/Cross-Site-Scripting)) - [SQL Injection Detection Tools](https://awesome-repositories.com/f/security-cryptography/vulnerability-assessment-testing/security-testing-auditing/security-vulnerabilities/injection-vulnerabilities/sql-injection-detection-tools.md) — Ships educational guides and tool recommendations for detecting SQL injection vulnerabilities. ([source](https://github.com/Voorivex/pentest-guide/tree/master/SQL-Injection)) - [Security Configuration Auditing](https://awesome-repositories.com/f/security-cryptography/web-security-analysis/security-configuration-auditing.md) — Provides guides for auditing infrastructure configurations, security headers, and server settings. ([source](https://github.com/Voorivex/pentest-guide#readme)) - [JWT Vulnerability Analysis](https://awesome-repositories.com/f/security-cryptography/access-tokens/jwt-vulnerability-analysis.md) — Offers procedures to locate security flaws in token implementations such as unverified signatures and hardcoded secrets. ([source](https://github.com/Voorivex/pentest-guide/tree/master/JSON-Web-Token-Flaw)) - [Recovery Flow Auditing](https://awesome-repositories.com/f/security-cryptography/account-recovery/recovery-flow-auditing.md) — Evaluates password reset flows and email verification to prevent unauthorized account takeovers. ([source](https://github.com/Voorivex/pentest-guide/tree/master/Insecure-Authentication-Class)) - [Bug Bounty Report Mappings](https://awesome-repositories.com/f/security-cryptography/compliance-standards/vulnerability-mapping/cve-mapping/bug-bounty-report-mappings.md) — Maps theoretical vulnerability patterns to documented bug bounty reports and CVE data. - [Cryptographic Evaluations](https://awesome-repositories.com/f/security-cryptography/cryptographic-evaluations.md) — Offers methods to check for weak ciphers, padding oracles, and unencrypted data transmission. ([source](https://github.com/Voorivex/pentest-guide/blob/master/README.md)) - [File Upload Security](https://awesome-repositories.com/f/security-cryptography/file-upload-security.md) — Includes checks for the upload of malicious files or unexpected types to prevent system compromise. ([source](https://github.com/Voorivex/pentest-guide/blob/master/README.md)) - [Unrestricted File Uploads](https://awesome-repositories.com/f/security-cryptography/file-upload-security/upload-filter-bypass-payloads/xss-via-file-upload-bypasses/unrestricted-file-uploads.md) — Details how to test for unrestricted file uploads to achieve remote code execution. ([source](https://github.com/Voorivex/pentest-guide/tree/master/Secured-File-Upload)) - [Hidden File Discovery](https://awesome-repositories.com/f/security-cryptography/hidden-file-discovery.md) — Uses fuzzing and backup file reviews to locate sensitive directories not linked in the main application. ([source](https://github.com/Voorivex/pentest-guide/blob/master/README.md)) - [JWT Exploitation Techniques](https://awesome-repositories.com/f/security-cryptography/jwt-claim-validation/jwt-exploitation-techniques.md) — Details techniques for manipulating JSON Web Tokens to forge identities or bypass authentication. ([source](https://github.com/Voorivex/pentest-guide/tree/master/JSON-Web-Token-Flaw)) - [HTTP Verb Tampering](https://awesome-repositories.com/f/security-cryptography/request-tampering-middleware/http-verb-tampering.md) — Provides procedures for testing if changing HTTP methods can bypass restricted access controls. ([source](https://github.com/Voorivex/pentest-guide/tree/master/HTTP-Verb-Tampering)) - [CSRF](https://awesome-repositories.com/f/security-cryptography/security/ai-and-machine-learning/prompt-injection-testing/exploit-crafting/csrf.md) — Includes a curated guide for detecting and exploiting cross-site request forgery vulnerabilities. ([source](https://github.com/Voorivex/pentest-guide/tree/master/Cross-Site-Request-Forgery)) - [Server-Side Template Injection Methodologies](https://awesome-repositories.com/f/security-cryptography/security/offensive-operations/vulnerability-research-analysis/injection-exploitation-techniques/server-side-template-injection-methodologies.md) — Includes research and documentation for identifying and exploiting server-side template injection. ([source](https://github.com/Voorivex/pentest-guide/tree/master/Server-Side-Template-Injection)) - [Threat Modeling](https://awesome-repositories.com/f/security-cryptography/threat-modeling.md) — Evaluates business logic and access controls by simulating attacker goals and privilege escalation paths. - [Credential Brute-Forcing](https://awesome-repositories.com/f/security-cryptography/vulnerability-assessment-testing/security-testing-auditing/security-testing/credential-brute-forcing.md) — Documents methods for identifying weak authentication endpoints through repetitive credential guessing. ([source](https://github.com/Voorivex/pentest-guide/tree/master/Brute-Force)) - [Checklists](https://awesome-repositories.com/f/security-cryptography/web-application-security/web-security-auditing/checklists.md) — Provides a detailed audit checklist for evaluating authentication, session management, and access control mechanisms. ### Part of an Awesome List - [Technology Fingerprinting](https://awesome-repositories.com/f/awesome-lists/devtools/technology-fingerprinting.md) — Identifies web servers and application frameworks to understand the technical environment of the target. ([source](https://github.com/Voorivex/pentest-guide/blob/master/README.md)) - [Attack Payloads and Wordlists](https://awesome-repositories.com/f/awesome-lists/security/attack-payloads-and-wordlists.md) — Provides a curated library of attack payloads and wordlists to trigger and identify software flaws. - [Authentication Testing](https://awesome-repositories.com/f/awesome-lists/security/authentication-testing.md) — Evaluates registration, password policies, and multi-factor authentication to identify identity management flaws. ([source](https://github.com/Voorivex/pentest-guide#readme)) - [Information Gathering](https://awesome-repositories.com/f/awesome-lists/security/information-gathering.md) — Provides tools and techniques for collecting metadata and reconnaissance to map the attack surface. ([source](https://github.com/Voorivex/pentest-guide#readme)) - [Insecure Direct Object References](https://awesome-repositories.com/f/awesome-lists/security/insecure-direct-object-references.md) — Contains methodologies for detecting insecure direct object references and authorization enforcement issues. ([source](https://github.com/Voorivex/pentest-guide/tree/master/Insecure-Direct-Object-References)) - [Privilege Escalation](https://awesome-repositories.com/f/awesome-lists/security/privilege-escalation.md) — Provides a curated framework for identifying and exploiting privilege escalation paths. ([source](https://github.com/Voorivex/pentest-guide/tree/master/Privilege-Escalation)) - [Reconnaissance and OSINT](https://awesome-repositories.com/f/awesome-lists/security/reconnaissance-and-osint.md) — Offers comprehensive methodologies for attack surface mapping, technology fingerprinting, and reconnaissance. - [Sensitive Data Leakage](https://awesome-repositories.com/f/awesome-lists/security/sensitive-data-leakage.md) — Provides techniques for discovering exposed secrets and sensitive data leakage across various channels. ([source](https://github.com/Voorivex/pentest-guide/tree/master/Information-Leakage)) - [Server Side Request Forgery](https://awesome-repositories.com/f/awesome-lists/security/server-side-request-forgery.md) — Features a curated reference system and payloads for identifying server-side request forgery. ([source](https://github.com/Voorivex/pentest-guide/tree/master/Server-Side-Request-Forgery)) - [Bug Bounty Resources](https://awesome-repositories.com/f/awesome-lists/learning/bug-bounty-resources.md) — Organizes bug bounty research and real-world exploit reports for educational purposes. - [CORS Misconfiguration](https://awesome-repositories.com/f/awesome-lists/security/cors-misconfiguration.md) — Provides guidance for identifying Cross-Origin Resource Sharing misconfigurations that allow unauthorized data access. ([source](https://github.com/Voorivex/pentest-guide/tree/master/Cross-Origin-Resource-Sharing)) - [Race Condition](https://awesome-repositories.com/f/awesome-lists/security/race-condition.md) — Provides documented use cases and guides for exploiting timing-based race condition flaws in web applications. ([source](https://github.com/Voorivex/pentest-guide/tree/master/Race-Condition)) - [Request Smuggling](https://awesome-repositories.com/f/awesome-lists/security/request-smuggling.md) — Documents techniques for identifying connection desynchronization and HTTP request smuggling flaws. ([source](https://github.com/Voorivex/pentest-guide/tree/master/HTTP-Smuggling)) - [SSL and TLS Security](https://awesome-repositories.com/f/awesome-lists/security/ssl-and-tls-security.md) — Provides guidelines for auditing SSL/TLS cryptographic configurations and checking for weak ciphers. ([source](https://github.com/Voorivex/pentest-guide#readme)) - [XXE Injection](https://awesome-repositories.com/f/awesome-lists/security/xxe-injection.md) — Includes specialized payloads and bypass techniques for detecting and exploiting XML External Entity vulnerabilities. ([source](https://github.com/Voorivex/pentest-guide/tree/master/XML-External-Entity)) ### Testing & Quality Assurance - [Input Validation](https://awesome-repositories.com/f/testing-quality-assurance/validation-verification/input-validation.md) — Tests application responses to malicious input to detect SQL, NoSQL, and remote command execution vulnerabilities. ([source](https://github.com/Voorivex/pentest-guide#readme)) ### Web Development - [Directory Traversal Exploits](https://awesome-repositories.com/f/web-development/api-management-tools/api-development-management/web-apis/file-reading/directory-traversal-exploits.md) — Provides methodologies for exploiting directory traversal to access files outside the web root. ([source](https://github.com/Voorivex/pentest-guide/tree/master/Directory-Traversal-File-Include)) - [Open Redirect Exploits](https://awesome-repositories.com/f/web-development/external-site-redirections/open-redirect-exploits.md) — Details techniques for detecting manipulated URL parameters that redirect users to untrusted external domains. ([source](https://github.com/Voorivex/pentest-guide/tree/master/Open-Redirect)) ### Education & Learning Resources - [Vulnerability Case Studies](https://awesome-repositories.com/f/education-learning-resources/architectural-case-studies/vulnerability-case-studies.md) — Links theoretical vulnerability patterns to documented real-world bug bounty reports and historical exploit examples. - [Technical Case Studies](https://awesome-repositories.com/f/education-learning-resources/technical-case-studies.md) — Links theoretical vulnerabilities to documented real-world bug bounty reports and case studies. ([source](https://github.com/Voorivex/pentest-guide/tree/master/SQL-Injection)) ### Software Engineering & Architecture - [Execution Phases](https://awesome-repositories.com/f/software-engineering-architecture/execution-phases.md) — Organizes security testing into sequenced stages of reconnaissance, analysis, and exploitation. ### System Administration & Monitoring - [Data Leak Monitors](https://awesome-repositories.com/f/system-administration-monitoring/monitoring-and-observability/data-leak-monitors.md) — Scans search engines and error logs to uncover sensitive data leaked through public channels. ([source](https://github.com/Voorivex/pentest-guide/blob/master/README.md))