# CWES - [Web Requests](https://savitar.gitbook.io/mynotes/certifications-and-notes/web-pentesting/cwes/web-requests.md) - [cURL](https://savitar.gitbook.io/mynotes/certifications-and-notes/web-pentesting/cwes/web-requests/curl.md) - [Information Gathering - Web Edition](https://savitar.gitbook.io/mynotes/certifications-and-notes/web-pentesting/cwes/information-gathering-web-edition.md) - [WHOIS](https://savitar.gitbook.io/mynotes/certifications-and-notes/web-pentesting/cwes/information-gathering-web-edition/whois.md) - [DNS Enumeration](https://savitar.gitbook.io/mynotes/certifications-and-notes/web-pentesting/cwes/information-gathering-web-edition/dns-enumeration.md) - [Passive Subdomain Enumeration](https://savitar.gitbook.io/mynotes/certifications-and-notes/web-pentesting/cwes/information-gathering-web-edition/passive-subdomain-enumeration.md) - [Passive Infrastructure Identification](https://savitar.gitbook.io/mynotes/certifications-and-notes/web-pentesting/cwes/information-gathering-web-edition/passive-infrastructure-identification.md) - [Fingerprinting](https://savitar.gitbook.io/mynotes/certifications-and-notes/web-pentesting/cwes/information-gathering-web-edition/fingerprinting.md) - [Active Subdomain Enumeration](https://savitar.gitbook.io/mynotes/certifications-and-notes/web-pentesting/cwes/information-gathering-web-edition/active-subdomain-enumeration.md) - [Virtual Hosts](https://savitar.gitbook.io/mynotes/certifications-and-notes/web-pentesting/cwes/information-gathering-web-edition/virtual-hosts.md) - [Crawling](https://savitar.gitbook.io/mynotes/certifications-and-notes/web-pentesting/cwes/information-gathering-web-edition/crawling.md) - [Search Engine Discovery](https://savitar.gitbook.io/mynotes/certifications-and-notes/web-pentesting/cwes/information-gathering-web-edition/search-engine-discovery.md) - [Google Dorking](https://savitar.gitbook.io/mynotes/certifications-and-notes/web-pentesting/cwes/information-gathering-web-edition/google-dorking.md) - [Simple Examples](https://savitar.gitbook.io/mynotes/certifications-and-notes/web-pentesting/cwes/information-gathering-web-edition/google-dorking/simple-examples.md) - [Automating Recon](https://savitar.gitbook.io/mynotes/certifications-and-notes/web-pentesting/cwes/information-gathering-web-edition/automating-recon.md) - [FinalRecon](https://savitar.gitbook.io/mynotes/certifications-and-notes/web-pentesting/cwes/information-gathering-web-edition/automating-recon/finalrecon.md) - [Attacking Web Applications with Ffuf](https://savitar.gitbook.io/mynotes/certifications-and-notes/web-pentesting/cwes/attacking-web-applications-with-ffuf.md) - [Web Fuzzing](https://savitar.gitbook.io/mynotes/certifications-and-notes/web-pentesting/cwes/attacking-web-applications-with-ffuf/web-fuzzing.md) - [Directory Fuzzing](https://savitar.gitbook.io/mynotes/certifications-and-notes/web-pentesting/cwes/attacking-web-applications-with-ffuf/directory-fuzzing.md) - [Page Fuzzing](https://savitar.gitbook.io/mynotes/certifications-and-notes/web-pentesting/cwes/attacking-web-applications-with-ffuf/page-fuzzing.md) - [Recursive Fuzzing](https://savitar.gitbook.io/mynotes/certifications-and-notes/web-pentesting/cwes/attacking-web-applications-with-ffuf/recursive-fuzzing.md) - [Sub-domain Fuzzing](https://savitar.gitbook.io/mynotes/certifications-and-notes/web-pentesting/cwes/attacking-web-applications-with-ffuf/sub-domain-fuzzing.md) - [Vhost Fuzzing](https://savitar.gitbook.io/mynotes/certifications-and-notes/web-pentesting/cwes/attacking-web-applications-with-ffuf/vhost-fuzzing.md) - [Parameter Fuzzing - GET](https://savitar.gitbook.io/mynotes/certifications-and-notes/web-pentesting/cwes/attacking-web-applications-with-ffuf/parameter-fuzzing-get.md) - [Parameter Fuzzing - POST](https://savitar.gitbook.io/mynotes/certifications-and-notes/web-pentesting/cwes/attacking-web-applications-with-ffuf/parameter-fuzzing-post.md) - [Value Fuzzing](https://savitar.gitbook.io/mynotes/certifications-and-notes/web-pentesting/cwes/attacking-web-applications-with-ffuf/value-fuzzing.md) - [Skills Assessment - Web Fuzzing](https://savitar.gitbook.io/mynotes/certifications-and-notes/web-pentesting/cwes/attacking-web-applications-with-ffuf/skills-assessment-web-fuzzing.md) - [Cheat Sheet](https://savitar.gitbook.io/mynotes/certifications-and-notes/web-pentesting/cwes/attacking-web-applications-with-ffuf/cheat-sheet.md) - [JavaScript Deobfuscation](https://savitar.gitbook.io/mynotes/certifications-and-notes/web-pentesting/cwes/javascript-deobfuscation.md) - [Cross-Site Scripting (XSS)](https://savitar.gitbook.io/mynotes/certifications-and-notes/web-pentesting/cwes/cross-site-scripting-xss.md) - [Introduction](https://savitar.gitbook.io/mynotes/certifications-and-notes/web-pentesting/cwes/cross-site-scripting-xss/introduction.md) - [Stored XSS](https://savitar.gitbook.io/mynotes/certifications-and-notes/web-pentesting/cwes/cross-site-scripting-xss/stored-xss.md) - [Reflected XSS](https://savitar.gitbook.io/mynotes/certifications-and-notes/web-pentesting/cwes/cross-site-scripting-xss/reflected-xss.md) - [DOM XSS](https://savitar.gitbook.io/mynotes/certifications-and-notes/web-pentesting/cwes/cross-site-scripting-xss/dom-xss.md) - [XSS Discovery](https://savitar.gitbook.io/mynotes/certifications-and-notes/web-pentesting/cwes/cross-site-scripting-xss/xss-discovery.md) - [Phishing](https://savitar.gitbook.io/mynotes/certifications-and-notes/web-pentesting/cwes/cross-site-scripting-xss/phishing.md) - [Session Hijacking](https://savitar.gitbook.io/mynotes/certifications-and-notes/web-pentesting/cwes/cross-site-scripting-xss/session-hijacking.md) - [Cheat Sheet](https://savitar.gitbook.io/mynotes/certifications-and-notes/web-pentesting/cwes/cross-site-scripting-xss/cheat-sheet.md) - [SQL Injection Fundamentals](https://savitar.gitbook.io/mynotes/certifications-and-notes/web-pentesting/cwes/sql-injection-fundamentals.md) - [MySQL](https://savitar.gitbook.io/mynotes/certifications-and-notes/web-pentesting/cwes/sql-injection-fundamentals/mysql.md) - [SQL Injection](https://savitar.gitbook.io/mynotes/certifications-and-notes/web-pentesting/cwes/sql-injection-fundamentals/sql-injection.md) - [Exploitation](https://savitar.gitbook.io/mynotes/certifications-and-notes/web-pentesting/cwes/sql-injection-fundamentals/exploitation.md) - [Skills Assessment - SQL Injection Fundamentals](https://savitar.gitbook.io/mynotes/certifications-and-notes/web-pentesting/cwes/sql-injection-fundamentals/skills-assessment-sql-injection-fundamentals.md) - [References](https://savitar.gitbook.io/mynotes/certifications-and-notes/web-pentesting/cwes/sql-injection-fundamentals/references.md) - [SQLMap Essentials](https://savitar.gitbook.io/mynotes/certifications-and-notes/web-pentesting/cwes/sqlmap-essentials.md) - [Getting Started with SQLMap](https://savitar.gitbook.io/mynotes/certifications-and-notes/web-pentesting/cwes/sqlmap-essentials/getting-started-with-sqlmap.md) - [Running SQLMap on an HTTP Request](https://savitar.gitbook.io/mynotes/certifications-and-notes/web-pentesting/cwes/sqlmap-essentials/running-sqlmap-on-an-http-request.md) - [Question-1](https://savitar.gitbook.io/mynotes/certifications-and-notes/web-pentesting/cwes/sqlmap-essentials/running-sqlmap-on-an-http-request/question-1.md) - [Question-2](https://savitar.gitbook.io/mynotes/certifications-and-notes/web-pentesting/cwes/sqlmap-essentials/running-sqlmap-on-an-http-request/question-2.md) - [Question-3](https://savitar.gitbook.io/mynotes/certifications-and-notes/web-pentesting/cwes/sqlmap-essentials/running-sqlmap-on-an-http-request/question-3.md) - [Handling SQLMap Errors](https://savitar.gitbook.io/mynotes/certifications-and-notes/web-pentesting/cwes/sqlmap-essentials/handling-sqlmap-errors.md) - [Attack Tuning](https://savitar.gitbook.io/mynotes/certifications-and-notes/web-pentesting/cwes/sqlmap-essentials/attack-tuning.md) - [Question-1](https://savitar.gitbook.io/mynotes/certifications-and-notes/web-pentesting/cwes/sqlmap-essentials/attack-tuning/question-1.md) - [Question-2](https://savitar.gitbook.io/mynotes/certifications-and-notes/web-pentesting/cwes/sqlmap-essentials/attack-tuning/question-2.md) - [Question-3](https://savitar.gitbook.io/mynotes/certifications-and-notes/web-pentesting/cwes/sqlmap-essentials/attack-tuning/question-3.md) - [Database Enumeration](https://savitar.gitbook.io/mynotes/certifications-and-notes/web-pentesting/cwes/sqlmap-essentials/database-enumeration.md) - [Question-1](https://savitar.gitbook.io/mynotes/certifications-and-notes/web-pentesting/cwes/sqlmap-essentials/database-enumeration/question-1.md) - [Advanced Database Enumeration](https://savitar.gitbook.io/mynotes/certifications-and-notes/web-pentesting/cwes/sqlmap-essentials/advanced-database-enumeration.md) - [Question-1](https://savitar.gitbook.io/mynotes/certifications-and-notes/web-pentesting/cwes/sqlmap-essentials/advanced-database-enumeration/question-1.md) - [Question-2](https://savitar.gitbook.io/mynotes/certifications-and-notes/web-pentesting/cwes/sqlmap-essentials/advanced-database-enumeration/question-2.md) - [Bypassing Web Application Protections](https://savitar.gitbook.io/mynotes/certifications-and-notes/web-pentesting/cwes/sqlmap-essentials/bypassing-web-application-protections.md) - [Question-1](https://savitar.gitbook.io/mynotes/certifications-and-notes/web-pentesting/cwes/sqlmap-essentials/bypassing-web-application-protections/question-1.md) - [Question-2](https://savitar.gitbook.io/mynotes/certifications-and-notes/web-pentesting/cwes/sqlmap-essentials/bypassing-web-application-protections/question-2.md) - [Question-3](https://savitar.gitbook.io/mynotes/certifications-and-notes/web-pentesting/cwes/sqlmap-essentials/bypassing-web-application-protections/question-3.md) - [Question-4](https://savitar.gitbook.io/mynotes/certifications-and-notes/web-pentesting/cwes/sqlmap-essentials/bypassing-web-application-protections/question-4.md) - [OS Exploitation](https://savitar.gitbook.io/mynotes/certifications-and-notes/web-pentesting/cwes/sqlmap-essentials/os-exploitation.md) - [Question-1](https://savitar.gitbook.io/mynotes/certifications-and-notes/web-pentesting/cwes/sqlmap-essentials/os-exploitation/question-1.md) - [Question-2](https://savitar.gitbook.io/mynotes/certifications-and-notes/web-pentesting/cwes/sqlmap-essentials/os-exploitation/question-2.md) - [Skills Assessment](https://savitar.gitbook.io/mynotes/certifications-and-notes/web-pentesting/cwes/sqlmap-essentials/skills-assessment.md) - [Command Injections](https://savitar.gitbook.io/mynotes/certifications-and-notes/web-pentesting/cwes/command-injections.md) - [Intro](https://savitar.gitbook.io/mynotes/certifications-and-notes/web-pentesting/cwes/command-injections/intro.md) - [Dectetion](https://savitar.gitbook.io/mynotes/certifications-and-notes/web-pentesting/cwes/command-injections/dectetion.md) - [Question](https://savitar.gitbook.io/mynotes/certifications-and-notes/web-pentesting/cwes/command-injections/dectetion/question.md) - [Injecting Commands](https://savitar.gitbook.io/mynotes/certifications-and-notes/web-pentesting/cwes/command-injections/injecting-commands.md) - [Question](https://savitar.gitbook.io/mynotes/certifications-and-notes/web-pentesting/cwes/command-injections/injecting-commands/question.md) - [Other Injection Operators](https://savitar.gitbook.io/mynotes/certifications-and-notes/web-pentesting/cwes/command-injections/other-injection-operators.md) - [Common Operators for Injections](https://savitar.gitbook.io/mynotes/certifications-and-notes/web-pentesting/cwes/command-injections/other-injection-operators/common-operators-for-injections.md) - [Question](https://savitar.gitbook.io/mynotes/certifications-and-notes/web-pentesting/cwes/command-injections/other-injection-operators/question.md) - [Bypassing Other Blacklisted Characters](https://savitar.gitbook.io/mynotes/certifications-and-notes/web-pentesting/cwes/command-injections/bypassing-other-blacklisted-characters.md) - [Blacklisted Command Bypass](https://savitar.gitbook.io/mynotes/certifications-and-notes/web-pentesting/cwes/command-injections/blacklisted-command-bypass.md) - [Advanced Command Obfuscation](https://savitar.gitbook.io/mynotes/certifications-and-notes/web-pentesting/cwes/command-injections/advanced-command-obfuscation.md) - [Evasion Tools](https://savitar.gitbook.io/mynotes/certifications-and-notes/web-pentesting/cwes/command-injections/evasion-tools.md) - [Linux (Bashfuscator)](https://savitar.gitbook.io/mynotes/certifications-and-notes/web-pentesting/cwes/command-injections/evasion-tools/linux-bashfuscator.md) - [Windows (DOSfuscation)](https://savitar.gitbook.io/mynotes/certifications-and-notes/web-pentesting/cwes/command-injections/evasion-tools/windows-dosfuscation.md) - [File Upload Attacks](https://savitar.gitbook.io/mynotes/certifications-and-notes/web-pentesting/cwes/file-upload-attacks.md) - [Upload Exploitation](https://savitar.gitbook.io/mynotes/certifications-and-notes/web-pentesting/cwes/file-upload-attacks/upload-exploitation.md) - [Blacklist Filters](https://savitar.gitbook.io/mynotes/certifications-and-notes/web-pentesting/cwes/file-upload-attacks/blacklist-filters.md) - [Whitelist Filters](https://savitar.gitbook.io/mynotes/certifications-and-notes/web-pentesting/cwes/file-upload-attacks/whitelist-filters.md) - [Type Filters](https://savitar.gitbook.io/mynotes/certifications-and-notes/web-pentesting/cwes/file-upload-attacks/type-filters.md) - [Question](https://savitar.gitbook.io/mynotes/certifications-and-notes/web-pentesting/cwes/file-upload-attacks/type-filters/question.md) - [Limited File Uploads](https://savitar.gitbook.io/mynotes/certifications-and-notes/web-pentesting/cwes/file-upload-attacks/limited-file-uploads.md) - [Question-1](https://savitar.gitbook.io/mynotes/certifications-and-notes/web-pentesting/cwes/file-upload-attacks/limited-file-uploads/question-1.md) - [Question-2](https://savitar.gitbook.io/mynotes/certifications-and-notes/web-pentesting/cwes/file-upload-attacks/limited-file-uploads/question-2.md) - [Server-Side Attacks](https://savitar.gitbook.io/mynotes/certifications-and-notes/web-pentesting/cwes/server-side-attacks.md) - [SSRF Exploitation Example](https://savitar.gitbook.io/mynotes/certifications-and-notes/web-pentesting/cwes/server-side-attacks/ssrf-exploitation-example.md) - [Blind SSRF Exploitation Example](https://savitar.gitbook.io/mynotes/certifications-and-notes/web-pentesting/cwes/server-side-attacks/blind-ssrf-exploitation-example.md) - [Question-1](https://savitar.gitbook.io/mynotes/certifications-and-notes/web-pentesting/cwes/server-side-attacks/blind-ssrf-exploitation-example/question-1.md) - [SSI Injection Exploitation Example](https://savitar.gitbook.io/mynotes/certifications-and-notes/web-pentesting/cwes/server-side-attacks/ssi-injection-exploitation-example.md) - [References](https://savitar.gitbook.io/mynotes/certifications-and-notes/web-pentesting/cwes/server-side-attacks/ssi-injection-exploitation-example/references.md) - [Question-1](https://savitar.gitbook.io/mynotes/certifications-and-notes/web-pentesting/cwes/server-side-attacks/ssi-injection-exploitation-example/question-1.md) - [SSTI Identification](https://savitar.gitbook.io/mynotes/certifications-and-notes/web-pentesting/cwes/server-side-attacks/ssti-identification.md) - [SSTI Exploitation Example 1](https://savitar.gitbook.io/mynotes/certifications-and-notes/web-pentesting/cwes/server-side-attacks/ssti-exploitation-example-1.md) - [Question-1](https://savitar.gitbook.io/mynotes/certifications-and-notes/web-pentesting/cwes/server-side-attacks/ssti-exploitation-example-1/question-1.md) - [SSTI Exploitation Example 2](https://savitar.gitbook.io/mynotes/certifications-and-notes/web-pentesting/cwes/server-side-attacks/ssti-exploitation-example-2.md) - [Question-1](https://savitar.gitbook.io/mynotes/certifications-and-notes/web-pentesting/cwes/server-side-attacks/ssti-exploitation-example-2/question-1.md) - [SSTI Exploitation Example 3](https://savitar.gitbook.io/mynotes/certifications-and-notes/web-pentesting/cwes/server-side-attacks/ssti-exploitation-example-3.md) - [Skills Assessment](https://savitar.gitbook.io/mynotes/certifications-and-notes/web-pentesting/cwes/server-side-attacks/skills-assessment.md) - [Login Brute Forcing](https://savitar.gitbook.io/mynotes/certifications-and-notes/web-pentesting/cwes/login-brute-forcing.md) - [Default Passwords](https://savitar.gitbook.io/mynotes/certifications-and-notes/web-pentesting/cwes/login-brute-forcing/default-passwords.md) - [Question-1](https://savitar.gitbook.io/mynotes/certifications-and-notes/web-pentesting/cwes/login-brute-forcing/default-passwords/question-1.md) - [Username Brute Force](https://savitar.gitbook.io/mynotes/certifications-and-notes/web-pentesting/cwes/login-brute-forcing/username-brute-force.md) - [Determine Login Parameters](https://savitar.gitbook.io/mynotes/certifications-and-notes/web-pentesting/cwes/login-brute-forcing/determine-login-parameters.md) - [Login Form Attacks](https://savitar.gitbook.io/mynotes/certifications-and-notes/web-pentesting/cwes/login-brute-forcing/login-form-attacks.md) - [Question-1](https://savitar.gitbook.io/mynotes/certifications-and-notes/web-pentesting/cwes/login-brute-forcing/login-form-attacks/question-1.md) - [Personalized Wordlists](https://savitar.gitbook.io/mynotes/certifications-and-notes/web-pentesting/cwes/login-brute-forcing/personalized-wordlists.md) - [Service Authentication Brute Forcing](https://savitar.gitbook.io/mynotes/certifications-and-notes/web-pentesting/cwes/login-brute-forcing/service-authentication-brute-forcing.md) - [Broken Authentication](https://savitar.gitbook.io/mynotes/certifications-and-notes/web-pentesting/cwes/broken-authentication.md) - [Enumerating Users](https://savitar.gitbook.io/mynotes/certifications-and-notes/web-pentesting/cwes/broken-authentication/enumerating-users.md) - [Brute-Forcing Passwords](https://savitar.gitbook.io/mynotes/certifications-and-notes/web-pentesting/cwes/broken-authentication/brute-forcing-passwords.md) - [Brute-Forcing Password Reset Tokens](https://savitar.gitbook.io/mynotes/certifications-and-notes/web-pentesting/cwes/broken-authentication/brute-forcing-password-reset-tokens.md) - [Brute-Forcing 2FA Codes](https://savitar.gitbook.io/mynotes/certifications-and-notes/web-pentesting/cwes/broken-authentication/brute-forcing-2fa-codes.md) - [Default Credentials](https://savitar.gitbook.io/mynotes/certifications-and-notes/web-pentesting/cwes/broken-authentication/default-credentials.md) - [Vulnerable Password Reset](https://savitar.gitbook.io/mynotes/certifications-and-notes/web-pentesting/cwes/broken-authentication/vulnerable-password-reset.md) - [Web Attacks](https://savitar.gitbook.io/mynotes/certifications-and-notes/web-pentesting/cwes/web-attacks.md) - [HTTP Verb Tampering](https://savitar.gitbook.io/mynotes/certifications-and-notes/web-pentesting/cwes/web-attacks/http-verb-tampering.md) - [IDOR](https://savitar.gitbook.io/mynotes/certifications-and-notes/web-pentesting/cwes/web-attacks/idor.md) - [Question-1](https://savitar.gitbook.io/mynotes/certifications-and-notes/web-pentesting/cwes/web-attacks/idor/question-1.md) - [Question-2](https://savitar.gitbook.io/mynotes/certifications-and-notes/web-pentesting/cwes/web-attacks/idor/question-2.md) - [XXE](https://savitar.gitbook.io/mynotes/certifications-and-notes/web-pentesting/cwes/web-attacks/xxe.md) - [Identificar XXE](https://savitar.gitbook.io/mynotes/certifications-and-notes/web-pentesting/cwes/web-attacks/xxe/identificar-xxe.md) - [Question-1](https://savitar.gitbook.io/mynotes/certifications-and-notes/web-pentesting/cwes/web-attacks/xxe/identificar-xxe/question-1.md) - [File Inclusion](https://savitar.gitbook.io/mynotes/certifications-and-notes/web-pentesting/cwes/file-inclusion.md) - [File Disclosure](https://savitar.gitbook.io/mynotes/certifications-and-notes/web-pentesting/cwes/file-inclusion/file-disclosure.md) - [Basic LFI - 1](https://savitar.gitbook.io/mynotes/certifications-and-notes/web-pentesting/cwes/file-inclusion/file-disclosure/basic-lfi-1.md) - [LFI Bypass - 1](https://savitar.gitbook.io/mynotes/certifications-and-notes/web-pentesting/cwes/file-inclusion/file-disclosure/lfi-bypass-1.md) - [PHP Filters - 1](https://savitar.gitbook.io/mynotes/certifications-and-notes/web-pentesting/cwes/file-inclusion/file-disclosure/php-filters-1.md) - [Remote Code Execution](https://savitar.gitbook.io/mynotes/certifications-and-notes/web-pentesting/cwes/file-inclusion/remote-code-execution.md) - [PHP Wrappers - 1](https://savitar.gitbook.io/mynotes/certifications-and-notes/web-pentesting/cwes/file-inclusion/remote-code-execution/php-wrappers-1.md) - [RFI - 1](https://savitar.gitbook.io/mynotes/certifications-and-notes/web-pentesting/cwes/file-inclusion/remote-code-execution/rfi-1.md) - [LFI & Uploads - 1](https://savitar.gitbook.io/mynotes/certifications-and-notes/web-pentesting/cwes/file-inclusion/remote-code-execution/lfi-and-uploads-1.md) - [Log Poisoning - 1](https://savitar.gitbook.io/mynotes/certifications-and-notes/web-pentesting/cwes/file-inclusion/remote-code-execution/log-poisoning-1.md) - [Automation and Prevention](https://savitar.gitbook.io/mynotes/certifications-and-notes/web-pentesting/cwes/file-inclusion/automation-and-prevention.md) - [Hacking WordPress](https://savitar.gitbook.io/mynotes/certifications-and-notes/web-pentesting/cwes/hacking-wordpress.md) - [WordPress Core Version Enumeration](https://savitar.gitbook.io/mynotes/certifications-and-notes/web-pentesting/cwes/hacking-wordpress/wordpress-core-version-enumeration.md) - [Plugins and Themes Enumeration](https://savitar.gitbook.io/mynotes/certifications-and-notes/web-pentesting/cwes/hacking-wordpress/plugins-and-themes-enumeration.md) - [Directory Indexing](https://savitar.gitbook.io/mynotes/certifications-and-notes/web-pentesting/cwes/hacking-wordpress/directory-indexing.md) - [User Enumeration](https://savitar.gitbook.io/mynotes/certifications-and-notes/web-pentesting/cwes/hacking-wordpress/user-enumeration.md) - [WPScan Enumeration](https://savitar.gitbook.io/mynotes/certifications-and-notes/web-pentesting/cwes/hacking-wordpress/wpscan-enumeration.md) - [Exploiting a Vulnerable Plugin](https://savitar.gitbook.io/mynotes/certifications-and-notes/web-pentesting/cwes/hacking-wordpress/exploiting-a-vulnerable-plugin.md) - [Attacking WordPress Users](https://savitar.gitbook.io/mynotes/certifications-and-notes/web-pentesting/cwes/hacking-wordpress/attacking-wordpress-users.md) - [Remote Code Execution (RCE) via the Theme Editor](https://savitar.gitbook.io/mynotes/certifications-and-notes/web-pentesting/cwes/hacking-wordpress/remote-code-execution-rce-via-the-theme-editor.md) - [Question](https://savitar.gitbook.io/mynotes/certifications-and-notes/web-pentesting/cwes/hacking-wordpress/remote-code-execution-rce-via-the-theme-editor/question.md) - [Attacking WordPress with Metasploit](https://savitar.gitbook.io/mynotes/certifications-and-notes/web-pentesting/cwes/hacking-wordpress/attacking-wordpress-with-metasploit.md) --- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://savitar.gitbook.io/mynotes/certifications-and-notes/web-pentesting/cwes.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.