A MUST have for anyone who is experienced or new to API/Web Application penetration testing.
Category: Web Application Pen Testing
Web App Pen Test against SalesForce
First step in a web application penetration test against SalesForce.
Burp Extension for Adobe Web Apps; Sign me up
This is a must-have Burp Suite Extension for when you're testing Adobe (AEM) web applications. Use this first, then run aem_hacker to double check!
Interesting Wordlist Added to TreeHouse Wordlists
Still working on TreeHouse Wordlists. Found a super interesting resource, called DomainsProject. Check it out!!
ALL THINGS SSRF
Whether you're a Bug Bounty Hunter, Penetration Tester, Student, Researcher, CTF Player or all of the above, this knowledge about SSRF's certainly can't hurt.
Under Utilized Tools/Resources #80
A extensive "new" XSS wordlist! Grab it now while it's hot for your next web app pen test!
Under Utilized Tools/Resources #76
A OSINT tool, perfect for external penetation tests. Specifically this tool searches GitHub and Gitlab commit files!
Under Utilized Tools/Resources #75
An external recon tool that every pen tester and ethical hacker should have in their arsenal
Under Utilized Tools/Resources #74
An extensive iOS penetration testing guide and documentation.
Under Utilized Tools/Resources #73
Another right-wing database dump? Mmkkay