Web-Pentesting

Getting Started with OWASP Mutillidae II A beginner-friendly guide to one of the most powerful vulnerable web apps for practicing ethical hacking What Is OWASP Mutillidae II? OWASP Mutillidae II, also known as Matilda Day 2, is a deliberately vulnerable web application designed to help you practice: It’s written in PHP, runs on Apache, and […]

Understanding Apache, PHP, and WordPress A foundational breakdown of the tech stack behind the world’s most popular CMS Why WordPress Matters in Pentesting Over 40% of all websites on the internet run on WordPress. That makes it one of the most common targets you’ll see in the field — especially in client environments, small businesses,

Understanding the LAMP Stack and How Web Servers Work Together From File to Function: A Beginner Pentester’s Guide to Hosting Web Apps When I first started experimenting with vulnerable web applications like OWASP Mutillidae II (Matilda Day 2), I didn’t just want to get it running — I wanted to understand what was happening under

Exfiltrating Credentials and Sensitive Data from Web Applications Getting inside the castle is one thing. Looting it without setting off alarms? That’s where real skill comes in. Once you’ve compromised a web application, the next step is clear: find and extract sensitive data—usernames, passwords, tokens, configuration files, database records, and anything else the devs forgot

Exploiting Vulnerable Web Components Modern web applications are often built on frameworks, libraries, plugins, and modules—many of which were written once and then forgotten. These outdated components are like termites in a house: invisible until they bring the whole thing down. In this post, we’ll look at how to identify and exploit these forgotten and

Brute-Force Attacks on Web Logins Brute-force attacks are the digital equivalent of kicking in the front door. It’s loud, sometimes messy, but when there’s no lockout policy or rate-limiting, it works. As pentesters, our job is to identify weak authentication mechanisms—and exploiting them with brute-force is often the first step toward initial access. What Is

🔹 1. Query String Parameters (GET) Used in URLs, sent via the query string after a ?. Example: 🔹 2. Form Parameters (POST) Sent in the request body, often in login or contact forms. Example: 🔹 3. URL Path Parameters Some apps use REST-style URLs where the parameter is embedded in the path. Example: 🔹

Post 11: Common Web Exploits in OSCP & eCPPT Exams Real-World Exploitation Paths That Actually Work This post summarizes the most frequently exploited web vulnerabilities you’re likely to encounter during your OSCP or eCPPT exam. These aren’t theoretical — they’re practical, proven, and often lead to initial footholds or shell access. We’ll cover what to

Post 10: Burp Suite for Web Pentesters The Swiss Army Proxy for Recon, Exploitation, and Mastery Burp Suite is the most powerful tool in a web pentester’s arsenal. Whether you’re performing recon, brute-forcing, exploiting injection points, or breaking session management — Burp is where it all happens. This post is your complete guide to mastering

Post 9: Business Logic Attacks Breaking the Rules That Developers Never Thought You’d Try Business logic attacks exploit the intended behavior of an application in ways that developers didn’t anticipate. These aren’t technical misconfigurations like SQLi or XSS — they’re workflow flaws, authorization gaps, or assumptions gone wrong. Table of Contents 1. What Are Business