Pentestwiki

The most comprehensive free Penetration Testing Wiki

pentestwiki.org is a wiki dedicated to professional penetration testing, offensive security and ethical hacking knowledge, techniques, tools and everything related. It is based in standards such as PTES, CEH, OSSTMM among others.

New YouTube channel

INFRASTRUCTURE PENETRATION TESTING

The most important foundation in Penetration Testing and Read Team Operations based on standards such as PTES, CEH, OSSTMM among others

● PHASE I: Reconnaissance

● PHASE II: Scanning

● PHASE III: Enumeration

● PHASE IV: Exploitation

● PHASE V: Post exploitation

● PHASE VI: Covering Tracks

● PHASE VII: Lateral Movement

WEB APPLICATION PENETRATION TESTING

Learn how to perform Web Application Penetration Testing to test websites, APIs, SQL injections, SSL/TLS attacks and OWASP TOP 10

Intro to web application testing

Types of Web Application Attacks

OWASP TOP 10 explained

Attacks on SSL/TLS protocols

Webpentest through SOCKS proxy

Tools for Web Penetration Testing

MOBILE APPLICATION PENETRATION TESTING

Learn how to hack mobile apps for Android and iOS and protect them against tampering

Static Analysis for Android and iOS

Dynamic Analysis for Android and iOS

Protections to mitigate attacks

RED TEAMING

Red teaming tools to test defensive systems and simulate advanced attacks

Tools and Frameworks for RED TEAMS

Tools and Frameworks for BLUE TEAMS

Tools and Frameworks for APPLICATION SECURITY

Latest from blog

Because Computer Security matters…

Interactsh: Open-Source OOB solution for SSRF, Blind SQLi, … in Kali Linux

Project Discovery, the same people behind Nuclei scanner that allows you to customize vulnerability scanning from YAML templates, just released another awesome project called Interactsh. To keep it quick and[…]

Read more
Cybersecurity Android Apps

Hacking Android apps in Windows with Frida (Part I)

Frida is a dynamic instrumentation toolkit to debug and analyze processes in multiple platforms (Windows, Linux, MacOS, Android, iOS, …). First thing before install frida-tools, you we’ll need python 3.x[…]

Read more

Fuzzing with Radamsa in BlackArch

Radamsa is a test case generator, it receives some input data and then it scrambles it to return some random data. Random is truly random, that means that you can[…]

Read more

About DEFENSAHACKER

Jacobo Avariento

Founder & Hacker-In-Chief

With more than 15 years in the cybersecurity industry as a consultant and penetration tester working for top tier banks, the European Central Bank, pharmaceutical, automotive and gaming companies.

Contact me