Browse Hacknotes

Web

Web application penetration testing documentation covering SQL injection, Cross-Site Scripting (XSS), Cross-Site Request Forgery (CSRF), and other web vulnerabilities. Practical exploitation techniques and tools for security testing and ethical hacking.

In this section

  • Cross-Site Request Forgery (CSRF/XSRF)
    Cross-Site Request Forgery (CSRF) penetration testing guide covering token analysis, request forgery testing, and CSRF exploitation techniques. Learn how to identify vulnerable endpoints, create PoC attacks, and test CSRF protection mechanisms for web security assessments.
  • Cross-Site Scripting (XSS)
    Cross-Site Scripting (XSS) penetration testing guide covering reflected, stored, and DOM-based XSS vulnerabilities. Learn detection techniques, filter bypass methods, and exploitation using tools like XSSer, Dalfox, and manual testing for web application security assessments.
  • SQL Injection
    SQL injection penetration testing guide covering union-based, boolean-based, time-based, and error-based SQL injection techniques using SQLMap and manual methods to exploit database vulnerabilities and extract sensitive data during security assessments.
Network Services