This is a elborate CTF that involves WordPress explotations and uploading PHP Shell Scripts to gain access to the server!

Vulnérable PHP framework ready to be hacked!

This repo provides write-up of Vulnhub Machines

Attacking hosting webservers through WP-CLI

从官方 iso 中提取的 Web for Pentester 靶场

Based on eval function PHP one-line backdoor

Exploit mail function in php when admin disabled other functions like shell. Uses LD_PRELOAD

A small Php application to filter list of urls for live and non reachable urls.

IFS4103 PENTEST 1 Archived Content. Note that PENTEST 1 provides a simulated environment (webapp) and not legitimate application by a legitimate client. The documentation is only for informal use, hence the fixes are more generic as opposed to the final fixes in our report (not uploaded).

SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, sensitive data patterns, fuzzing payloads, web shells, and many more. - security, pentesing tool

Write-Up for Jordi Serrano's "VulnWeb".

This is a webshell open source project

R4::Webshell

This project provides a comprehensive penetration testing audit, report, and fixed version of a website to improve site security. The report analyzes potential security risks and recommends actionable solutions. By identifying and addressing website vulnerabilities, this project helps ensure the safety and security of websites and their users.

Shella is a Webhell that Works on Windows or Linux Server

Some basic rooms writeup!!

All websites are belong to us. #pentesting

Web application based crackme / CTF.

Guided Technical Testing Assistant

A collection of Burpsuite Intruder payloads, fuzz lists and file uploads