# CWES

- [Web Requests](/mynotes/certifications-and-notes/web-pentesting/cwes/web-requests.md)
- [cURL](/mynotes/certifications-and-notes/web-pentesting/cwes/web-requests/curl.md)
- [Information Gathering - Web Edition](/mynotes/certifications-and-notes/web-pentesting/cwes/information-gathering-web-edition.md)
- [WHOIS](/mynotes/certifications-and-notes/web-pentesting/cwes/information-gathering-web-edition/whois.md)
- [DNS Enumeration](/mynotes/certifications-and-notes/web-pentesting/cwes/information-gathering-web-edition/dns-enumeration.md)
- [Passive Subdomain Enumeration](/mynotes/certifications-and-notes/web-pentesting/cwes/information-gathering-web-edition/passive-subdomain-enumeration.md)
- [Passive Infrastructure Identification](/mynotes/certifications-and-notes/web-pentesting/cwes/information-gathering-web-edition/passive-infrastructure-identification.md)
- [Fingerprinting](/mynotes/certifications-and-notes/web-pentesting/cwes/information-gathering-web-edition/fingerprinting.md)
- [Active Subdomain Enumeration](/mynotes/certifications-and-notes/web-pentesting/cwes/information-gathering-web-edition/active-subdomain-enumeration.md)
- [Virtual Hosts](/mynotes/certifications-and-notes/web-pentesting/cwes/information-gathering-web-edition/virtual-hosts.md)
- [Crawling](/mynotes/certifications-and-notes/web-pentesting/cwes/information-gathering-web-edition/crawling.md)
- [Search Engine Discovery](/mynotes/certifications-and-notes/web-pentesting/cwes/information-gathering-web-edition/search-engine-discovery.md)
- [Google Dorking](/mynotes/certifications-and-notes/web-pentesting/cwes/information-gathering-web-edition/google-dorking.md)
- [Simple Examples](/mynotes/certifications-and-notes/web-pentesting/cwes/information-gathering-web-edition/google-dorking/simple-examples.md)
- [Automating Recon](/mynotes/certifications-and-notes/web-pentesting/cwes/information-gathering-web-edition/automating-recon.md)
- [FinalRecon](/mynotes/certifications-and-notes/web-pentesting/cwes/information-gathering-web-edition/automating-recon/finalrecon.md)
- [Attacking Web Applications with Ffuf](/mynotes/certifications-and-notes/web-pentesting/cwes/attacking-web-applications-with-ffuf.md)
- [Web Fuzzing](/mynotes/certifications-and-notes/web-pentesting/cwes/attacking-web-applications-with-ffuf/web-fuzzing.md)
- [Directory Fuzzing](/mynotes/certifications-and-notes/web-pentesting/cwes/attacking-web-applications-with-ffuf/directory-fuzzing.md)
- [Page Fuzzing](/mynotes/certifications-and-notes/web-pentesting/cwes/attacking-web-applications-with-ffuf/page-fuzzing.md)
- [Recursive Fuzzing](/mynotes/certifications-and-notes/web-pentesting/cwes/attacking-web-applications-with-ffuf/recursive-fuzzing.md)
- [Sub-domain Fuzzing](/mynotes/certifications-and-notes/web-pentesting/cwes/attacking-web-applications-with-ffuf/sub-domain-fuzzing.md)
- [Vhost Fuzzing](/mynotes/certifications-and-notes/web-pentesting/cwes/attacking-web-applications-with-ffuf/vhost-fuzzing.md)
- [Parameter Fuzzing - GET](/mynotes/certifications-and-notes/web-pentesting/cwes/attacking-web-applications-with-ffuf/parameter-fuzzing-get.md)
- [Parameter Fuzzing - POST](/mynotes/certifications-and-notes/web-pentesting/cwes/attacking-web-applications-with-ffuf/parameter-fuzzing-post.md)
- [Value Fuzzing](/mynotes/certifications-and-notes/web-pentesting/cwes/attacking-web-applications-with-ffuf/value-fuzzing.md)
- [Skills Assessment - Web Fuzzing](/mynotes/certifications-and-notes/web-pentesting/cwes/attacking-web-applications-with-ffuf/skills-assessment-web-fuzzing.md)
- [Cheat Sheet](/mynotes/certifications-and-notes/web-pentesting/cwes/attacking-web-applications-with-ffuf/cheat-sheet.md)
- [JavaScript Deobfuscation](/mynotes/certifications-and-notes/web-pentesting/cwes/javascript-deobfuscation.md)
- [Cross-Site Scripting (XSS)](/mynotes/certifications-and-notes/web-pentesting/cwes/cross-site-scripting-xss.md)
- [Introduction](/mynotes/certifications-and-notes/web-pentesting/cwes/cross-site-scripting-xss/introduction.md)
- [Stored XSS](/mynotes/certifications-and-notes/web-pentesting/cwes/cross-site-scripting-xss/stored-xss.md)
- [Reflected XSS](/mynotes/certifications-and-notes/web-pentesting/cwes/cross-site-scripting-xss/reflected-xss.md)
- [DOM XSS](/mynotes/certifications-and-notes/web-pentesting/cwes/cross-site-scripting-xss/dom-xss.md)
- [XSS Discovery](/mynotes/certifications-and-notes/web-pentesting/cwes/cross-site-scripting-xss/xss-discovery.md)
- [Phishing](/mynotes/certifications-and-notes/web-pentesting/cwes/cross-site-scripting-xss/phishing.md)
- [Session Hijacking](/mynotes/certifications-and-notes/web-pentesting/cwes/cross-site-scripting-xss/session-hijacking.md)
- [Cheat Sheet](/mynotes/certifications-and-notes/web-pentesting/cwes/cross-site-scripting-xss/cheat-sheet.md)
- [SQL Injection Fundamentals](/mynotes/certifications-and-notes/web-pentesting/cwes/sql-injection-fundamentals.md)
- [MySQL](/mynotes/certifications-and-notes/web-pentesting/cwes/sql-injection-fundamentals/mysql.md)
- [SQL Injection](/mynotes/certifications-and-notes/web-pentesting/cwes/sql-injection-fundamentals/sql-injection.md)
- [Exploitation](/mynotes/certifications-and-notes/web-pentesting/cwes/sql-injection-fundamentals/exploitation.md)
- [Skills Assessment - SQL Injection Fundamentals](/mynotes/certifications-and-notes/web-pentesting/cwes/sql-injection-fundamentals/skills-assessment-sql-injection-fundamentals.md)
- [References](/mynotes/certifications-and-notes/web-pentesting/cwes/sql-injection-fundamentals/references.md)
- [SQLMap Essentials](/mynotes/certifications-and-notes/web-pentesting/cwes/sqlmap-essentials.md)
- [Getting Started with SQLMap](/mynotes/certifications-and-notes/web-pentesting/cwes/sqlmap-essentials/getting-started-with-sqlmap.md)
- [Running SQLMap on an HTTP Request](/mynotes/certifications-and-notes/web-pentesting/cwes/sqlmap-essentials/running-sqlmap-on-an-http-request.md)
- [Question-1](/mynotes/certifications-and-notes/web-pentesting/cwes/sqlmap-essentials/running-sqlmap-on-an-http-request/question-1.md)
- [Question-2](/mynotes/certifications-and-notes/web-pentesting/cwes/sqlmap-essentials/running-sqlmap-on-an-http-request/question-2.md)
- [Question-3](/mynotes/certifications-and-notes/web-pentesting/cwes/sqlmap-essentials/running-sqlmap-on-an-http-request/question-3.md)
- [Handling SQLMap Errors](/mynotes/certifications-and-notes/web-pentesting/cwes/sqlmap-essentials/handling-sqlmap-errors.md)
- [Attack Tuning](/mynotes/certifications-and-notes/web-pentesting/cwes/sqlmap-essentials/attack-tuning.md)
- [Question-1](/mynotes/certifications-and-notes/web-pentesting/cwes/sqlmap-essentials/attack-tuning/question-1.md)
- [Question-2](/mynotes/certifications-and-notes/web-pentesting/cwes/sqlmap-essentials/attack-tuning/question-2.md)
- [Question-3](/mynotes/certifications-and-notes/web-pentesting/cwes/sqlmap-essentials/attack-tuning/question-3.md)
- [Database Enumeration](/mynotes/certifications-and-notes/web-pentesting/cwes/sqlmap-essentials/database-enumeration.md)
- [Question-1](/mynotes/certifications-and-notes/web-pentesting/cwes/sqlmap-essentials/database-enumeration/question-1.md)
- [Advanced Database Enumeration](/mynotes/certifications-and-notes/web-pentesting/cwes/sqlmap-essentials/advanced-database-enumeration.md)
- [Question-1](/mynotes/certifications-and-notes/web-pentesting/cwes/sqlmap-essentials/advanced-database-enumeration/question-1.md)
- [Question-2](/mynotes/certifications-and-notes/web-pentesting/cwes/sqlmap-essentials/advanced-database-enumeration/question-2.md)
- [Bypassing Web Application Protections](/mynotes/certifications-and-notes/web-pentesting/cwes/sqlmap-essentials/bypassing-web-application-protections.md)
- [Question-1](/mynotes/certifications-and-notes/web-pentesting/cwes/sqlmap-essentials/bypassing-web-application-protections/question-1.md)
- [Question-2](/mynotes/certifications-and-notes/web-pentesting/cwes/sqlmap-essentials/bypassing-web-application-protections/question-2.md)
- [Question-3](/mynotes/certifications-and-notes/web-pentesting/cwes/sqlmap-essentials/bypassing-web-application-protections/question-3.md)
- [Question-4](/mynotes/certifications-and-notes/web-pentesting/cwes/sqlmap-essentials/bypassing-web-application-protections/question-4.md)
- [OS Exploitation](/mynotes/certifications-and-notes/web-pentesting/cwes/sqlmap-essentials/os-exploitation.md)
- [Question-1](/mynotes/certifications-and-notes/web-pentesting/cwes/sqlmap-essentials/os-exploitation/question-1.md)
- [Question-2](/mynotes/certifications-and-notes/web-pentesting/cwes/sqlmap-essentials/os-exploitation/question-2.md)
- [Skills Assessment](/mynotes/certifications-and-notes/web-pentesting/cwes/sqlmap-essentials/skills-assessment.md)
- [Command Injections](/mynotes/certifications-and-notes/web-pentesting/cwes/command-injections.md)
- [Intro](/mynotes/certifications-and-notes/web-pentesting/cwes/command-injections/intro.md)
- [Dectetion](/mynotes/certifications-and-notes/web-pentesting/cwes/command-injections/dectetion.md)
- [Question](/mynotes/certifications-and-notes/web-pentesting/cwes/command-injections/dectetion/question.md)
- [Injecting Commands](/mynotes/certifications-and-notes/web-pentesting/cwes/command-injections/injecting-commands.md)
- [Question](/mynotes/certifications-and-notes/web-pentesting/cwes/command-injections/injecting-commands/question.md)
- [Other Injection Operators](/mynotes/certifications-and-notes/web-pentesting/cwes/command-injections/other-injection-operators.md)
- [Common Operators for Injections](/mynotes/certifications-and-notes/web-pentesting/cwes/command-injections/other-injection-operators/common-operators-for-injections.md)
- [Question](/mynotes/certifications-and-notes/web-pentesting/cwes/command-injections/other-injection-operators/question.md)
- [Bypassing Other Blacklisted Characters](/mynotes/certifications-and-notes/web-pentesting/cwes/command-injections/bypassing-other-blacklisted-characters.md)
- [Blacklisted Command Bypass](/mynotes/certifications-and-notes/web-pentesting/cwes/command-injections/blacklisted-command-bypass.md)
- [Advanced Command Obfuscation](/mynotes/certifications-and-notes/web-pentesting/cwes/command-injections/advanced-command-obfuscation.md)
- [Evasion Tools](/mynotes/certifications-and-notes/web-pentesting/cwes/command-injections/evasion-tools.md)
- [Linux (Bashfuscator)](/mynotes/certifications-and-notes/web-pentesting/cwes/command-injections/evasion-tools/linux-bashfuscator.md)
- [Windows (DOSfuscation)](/mynotes/certifications-and-notes/web-pentesting/cwes/command-injections/evasion-tools/windows-dosfuscation.md)
- [File Upload Attacks](/mynotes/certifications-and-notes/web-pentesting/cwes/file-upload-attacks.md)
- [Upload Exploitation](/mynotes/certifications-and-notes/web-pentesting/cwes/file-upload-attacks/upload-exploitation.md)
- [Blacklist Filters](/mynotes/certifications-and-notes/web-pentesting/cwes/file-upload-attacks/blacklist-filters.md)
- [Whitelist Filters](/mynotes/certifications-and-notes/web-pentesting/cwes/file-upload-attacks/whitelist-filters.md)
- [Type Filters](/mynotes/certifications-and-notes/web-pentesting/cwes/file-upload-attacks/type-filters.md)
- [Question](/mynotes/certifications-and-notes/web-pentesting/cwes/file-upload-attacks/type-filters/question.md)
- [Limited File Uploads](/mynotes/certifications-and-notes/web-pentesting/cwes/file-upload-attacks/limited-file-uploads.md)
- [Question-1](/mynotes/certifications-and-notes/web-pentesting/cwes/file-upload-attacks/limited-file-uploads/question-1.md)
- [Question-2](/mynotes/certifications-and-notes/web-pentesting/cwes/file-upload-attacks/limited-file-uploads/question-2.md)
- [Server-Side Attacks](/mynotes/certifications-and-notes/web-pentesting/cwes/server-side-attacks.md)
- [SSRF Exploitation Example](/mynotes/certifications-and-notes/web-pentesting/cwes/server-side-attacks/ssrf-exploitation-example.md)
- [Blind SSRF Exploitation Example](/mynotes/certifications-and-notes/web-pentesting/cwes/server-side-attacks/blind-ssrf-exploitation-example.md)
- [Question-1](/mynotes/certifications-and-notes/web-pentesting/cwes/server-side-attacks/blind-ssrf-exploitation-example/question-1.md)
- [SSI Injection Exploitation Example](/mynotes/certifications-and-notes/web-pentesting/cwes/server-side-attacks/ssi-injection-exploitation-example.md)
- [References](/mynotes/certifications-and-notes/web-pentesting/cwes/server-side-attacks/ssi-injection-exploitation-example/references.md)
- [Question-1](/mynotes/certifications-and-notes/web-pentesting/cwes/server-side-attacks/ssi-injection-exploitation-example/question-1.md)
- [SSTI Identification](/mynotes/certifications-and-notes/web-pentesting/cwes/server-side-attacks/ssti-identification.md)
- [SSTI Exploitation Example 1](/mynotes/certifications-and-notes/web-pentesting/cwes/server-side-attacks/ssti-exploitation-example-1.md)
- [Question-1](/mynotes/certifications-and-notes/web-pentesting/cwes/server-side-attacks/ssti-exploitation-example-1/question-1.md)
- [SSTI Exploitation Example 2](/mynotes/certifications-and-notes/web-pentesting/cwes/server-side-attacks/ssti-exploitation-example-2.md)
- [Question-1](/mynotes/certifications-and-notes/web-pentesting/cwes/server-side-attacks/ssti-exploitation-example-2/question-1.md)
- [SSTI Exploitation Example 3](/mynotes/certifications-and-notes/web-pentesting/cwes/server-side-attacks/ssti-exploitation-example-3.md)
- [Skills Assessment](/mynotes/certifications-and-notes/web-pentesting/cwes/server-side-attacks/skills-assessment.md)
- [Login Brute Forcing](/mynotes/certifications-and-notes/web-pentesting/cwes/login-brute-forcing.md)
- [Default Passwords](/mynotes/certifications-and-notes/web-pentesting/cwes/login-brute-forcing/default-passwords.md)
- [Question-1](/mynotes/certifications-and-notes/web-pentesting/cwes/login-brute-forcing/default-passwords/question-1.md)
- [Username Brute Force](/mynotes/certifications-and-notes/web-pentesting/cwes/login-brute-forcing/username-brute-force.md)
- [Determine Login Parameters](/mynotes/certifications-and-notes/web-pentesting/cwes/login-brute-forcing/determine-login-parameters.md)
- [Login Form Attacks](/mynotes/certifications-and-notes/web-pentesting/cwes/login-brute-forcing/login-form-attacks.md)
- [Question-1](/mynotes/certifications-and-notes/web-pentesting/cwes/login-brute-forcing/login-form-attacks/question-1.md)
- [Personalized Wordlists](/mynotes/certifications-and-notes/web-pentesting/cwes/login-brute-forcing/personalized-wordlists.md)
- [Service Authentication Brute Forcing](/mynotes/certifications-and-notes/web-pentesting/cwes/login-brute-forcing/service-authentication-brute-forcing.md)
- [Broken Authentication](/mynotes/certifications-and-notes/web-pentesting/cwes/broken-authentication.md)
- [Enumerating Users](/mynotes/certifications-and-notes/web-pentesting/cwes/broken-authentication/enumerating-users.md)
- [Brute-Forcing Passwords](/mynotes/certifications-and-notes/web-pentesting/cwes/broken-authentication/brute-forcing-passwords.md)
- [Brute-Forcing Password Reset Tokens](/mynotes/certifications-and-notes/web-pentesting/cwes/broken-authentication/brute-forcing-password-reset-tokens.md)
- [Brute-Forcing 2FA Codes](/mynotes/certifications-and-notes/web-pentesting/cwes/broken-authentication/brute-forcing-2fa-codes.md)
- [Default Credentials](/mynotes/certifications-and-notes/web-pentesting/cwes/broken-authentication/default-credentials.md)
- [Vulnerable Password Reset](/mynotes/certifications-and-notes/web-pentesting/cwes/broken-authentication/vulnerable-password-reset.md)
- [Web Attacks](/mynotes/certifications-and-notes/web-pentesting/cwes/web-attacks.md)
- [HTTP Verb Tampering](/mynotes/certifications-and-notes/web-pentesting/cwes/web-attacks/http-verb-tampering.md)
- [IDOR](/mynotes/certifications-and-notes/web-pentesting/cwes/web-attacks/idor.md)
- [Question-1](/mynotes/certifications-and-notes/web-pentesting/cwes/web-attacks/idor/question-1.md)
- [Question-2](/mynotes/certifications-and-notes/web-pentesting/cwes/web-attacks/idor/question-2.md)
- [XXE](/mynotes/certifications-and-notes/web-pentesting/cwes/web-attacks/xxe.md)
- [Identificar XXE](/mynotes/certifications-and-notes/web-pentesting/cwes/web-attacks/xxe/identificar-xxe.md)
- [Question-1](/mynotes/certifications-and-notes/web-pentesting/cwes/web-attacks/xxe/identificar-xxe/question-1.md)
- [File Inclusion](/mynotes/certifications-and-notes/web-pentesting/cwes/file-inclusion.md)
- [File Disclosure](/mynotes/certifications-and-notes/web-pentesting/cwes/file-inclusion/file-disclosure.md)
- [Basic LFI - 1](/mynotes/certifications-and-notes/web-pentesting/cwes/file-inclusion/file-disclosure/basic-lfi-1.md)
- [LFI Bypass - 1](/mynotes/certifications-and-notes/web-pentesting/cwes/file-inclusion/file-disclosure/lfi-bypass-1.md)
- [PHP Filters - 1](/mynotes/certifications-and-notes/web-pentesting/cwes/file-inclusion/file-disclosure/php-filters-1.md)
- [Remote Code Execution](/mynotes/certifications-and-notes/web-pentesting/cwes/file-inclusion/remote-code-execution.md)
- [PHP Wrappers - 1](/mynotes/certifications-and-notes/web-pentesting/cwes/file-inclusion/remote-code-execution/php-wrappers-1.md)
- [RFI - 1](/mynotes/certifications-and-notes/web-pentesting/cwes/file-inclusion/remote-code-execution/rfi-1.md)
- [LFI & Uploads - 1](/mynotes/certifications-and-notes/web-pentesting/cwes/file-inclusion/remote-code-execution/lfi-and-uploads-1.md)
- [Log Poisoning - 1](/mynotes/certifications-and-notes/web-pentesting/cwes/file-inclusion/remote-code-execution/log-poisoning-1.md)
- [Automation and Prevention](/mynotes/certifications-and-notes/web-pentesting/cwes/file-inclusion/automation-and-prevention.md)
- [Hacking WordPress](/mynotes/certifications-and-notes/web-pentesting/cwes/hacking-wordpress.md)
- [WordPress Core Version Enumeration](/mynotes/certifications-and-notes/web-pentesting/cwes/hacking-wordpress/wordpress-core-version-enumeration.md)
- [Plugins and Themes Enumeration](/mynotes/certifications-and-notes/web-pentesting/cwes/hacking-wordpress/plugins-and-themes-enumeration.md)
- [Directory Indexing](/mynotes/certifications-and-notes/web-pentesting/cwes/hacking-wordpress/directory-indexing.md)
- [User Enumeration](/mynotes/certifications-and-notes/web-pentesting/cwes/hacking-wordpress/user-enumeration.md)
- [WPScan Enumeration](/mynotes/certifications-and-notes/web-pentesting/cwes/hacking-wordpress/wpscan-enumeration.md)
- [Exploiting a Vulnerable Plugin](/mynotes/certifications-and-notes/web-pentesting/cwes/hacking-wordpress/exploiting-a-vulnerable-plugin.md)
- [Attacking WordPress Users](/mynotes/certifications-and-notes/web-pentesting/cwes/hacking-wordpress/attacking-wordpress-users.md)
- [Remote Code Execution (RCE) via the Theme Editor](/mynotes/certifications-and-notes/web-pentesting/cwes/hacking-wordpress/remote-code-execution-rce-via-the-theme-editor.md)
- [Question](/mynotes/certifications-and-notes/web-pentesting/cwes/hacking-wordpress/remote-code-execution-rce-via-the-theme-editor/question.md)
- [Attacking WordPress with Metasploit](/mynotes/certifications-and-notes/web-pentesting/cwes/hacking-wordpress/attacking-wordpress-with-metasploit.md)