# Web Pentest

- [Mind Maps](/jackmeister-playbook/web-pentest/mind-maps.md)
- [Server Site Attacks](/jackmeister-playbook/web-pentest/server-site-attacks.md)
- [php type juggling](/jackmeister-playbook/web-pentest/server-site-attacks/php-type-juggling.md)
- [SSTI](/jackmeister-playbook/web-pentest/server-site-attacks/ssti.md): Injecting templates from web
- [SQL](/jackmeister-playbook/web-pentest/server-site-attacks/sql.md)
- [PSG SQL](/jackmeister-playbook/web-pentest/server-site-attacks/sql/psg-sql.md)
- [SQL Database Uses](/jackmeister-playbook/web-pentest/server-site-attacks/sql/sql-database-uses.md)
- [SQL Injection](/jackmeister-playbook/web-pentest/server-site-attacks/sql/sql-injection.md)
- [Blind SQL injection](/jackmeister-playbook/web-pentest/server-site-attacks/sql/blind-sql-injection.md)
- [SQLITE injection](/jackmeister-playbook/web-pentest/server-site-attacks/sql/sqlite-injection.md)
- [psy shell](/jackmeister-playbook/web-pentest/server-site-attacks/psy-shell.md)
- [Recon](/jackmeister-playbook/web-pentest/recon.md)
- [DNS Hunting](/jackmeister-playbook/web-pentest/recon/dns-hunting.md)
- [Web Tech Hunting](/jackmeister-playbook/web-pentest/recon/web-tech-hunting.md)
- [Credentials Harvesting](/jackmeister-playbook/web-pentest/recon/credentials-harvesting.md)
- [Subdomain Hunting](/jackmeister-playbook/web-pentest/recon/subdomain-hunting.md)
- [Javascript Hunting](/jackmeister-playbook/web-pentest/recon/javascript-hunting.md)
- [Directory Brute Forcing](/jackmeister-playbook/web-pentest/directory-brute-forcing.md)
- [File Upload Tricks](/jackmeister-playbook/web-pentest/file-upload-tricks.md)
- [PHP htaccess and ASP web.config bypass](/jackmeister-playbook/web-pentest/file-upload-tricks/php-htaccess-and-asp-web.config-bypass.md)
- [PHP Exiftool edit and upload](/jackmeister-playbook/web-pentest/file-upload-tricks/php-exiftool-edit-and-upload.md)
- [PHP Extensions payloads / Cheatsheet](/jackmeister-playbook/web-pentest/file-upload-tricks/php-extensions-payloads-cheatsheet.md)
- [PHP disable\_functions bypass](/jackmeister-playbook/web-pentest/file-upload-tricks/php-disable_functions-bypass.md)
- [Client Site Attacks](/jackmeister-playbook/web-pentest/client-site-attacks.md)
- [Case Study - XSS-GPT](/jackmeister-playbook/web-pentest/client-site-attacks/case-study-xss-gpt.md)
- [XSS](/jackmeister-playbook/web-pentest/client-site-attacks/xss.md)
- [XSS All in one](/jackmeister-playbook/web-pentest/client-site-attacks/xss/xss-all-in-one.md)
- [XSS cookie stealing](/jackmeister-playbook/web-pentest/client-site-attacks/xss/xss-cookie-stealing.md)
- [Payloads / Cheatsheet](/jackmeister-playbook/web-pentest/client-site-attacks/xss/payloads-cheatsheet.md)
- [Javascript Crafting](/jackmeister-playbook/web-pentest/client-site-attacks/javascript-crafting.md)
- [PDF](/jackmeister-playbook/web-pentest/client-site-attacks/pdf.md)
- [CMS / Framework](/jackmeister-playbook/web-pentest/cms-framework.md)
- [apache / xampp](/jackmeister-playbook/web-pentest/cms-framework/apache-xampp.md)
- [Django](/jackmeister-playbook/web-pentest/cms-framework/django.md)
- [Manegto](/jackmeister-playbook/web-pentest/cms-framework/manegto.md)
- [Joomla](/jackmeister-playbook/web-pentest/cms-framework/joomla.md)
- [Jenkins](/jackmeister-playbook/web-pentest/cms-framework/jenkins.md)
- [Flask jinja2](/jackmeister-playbook/web-pentest/cms-framework/flask-jinja2.md)
- [tomcat](/jackmeister-playbook/web-pentest/cms-framework/tomcat.md)
- [Drupal](/jackmeister-playbook/web-pentest/cms-framework/drupal.md)
- [nodejs](/jackmeister-playbook/web-pentest/cms-framework/nodejs.md)
- [wordpress](/jackmeister-playbook/web-pentest/cms-framework/wordpress.md)
- [Google Dorking](/jackmeister-playbook/web-pentest/google-dorking.md)
- [API](/jackmeister-playbook/web-pentest/api.md)
- [Command Injection](/jackmeister-playbook/web-pentest/command-injection.md)
- [Command Injection Payloads/Cheatsheet](/jackmeister-playbook/web-pentest/command-injection/command-injection-payloads-cheatsheet.md)
- [Rewrite URL](/jackmeister-playbook/web-pentest/rewrite-url.md)
- [HTTP Request Smuggling (CL.TE)](/jackmeister-playbook/web-pentest/http-request-smuggling-cl.te.md)