Web Application Hacking

 

Web Application Information Gathering

https://zsahi.wordpress.com/2018/09/04/web-application-information-gathering/

Finding Subdomains

https://zsahi.wordpress.com/2018/08/25/finding-subdomains/

How to find real IP Address of website behind a could based firewall

https://zsahi.wordpress.com/2018/08/25/how-to-find-real-ip-address-of-website-behind-a-could-based-firewall/

censys

https://zsahi.wordpress.com/2018/08/26/censys/

Shodan

https://zsahi.wordpress.com/2018/08/26/shodan/

File Inclusion

https://zsahi.wordpress.com/2018/09/10/file-inclusion/

Reverse Shells

https://zsahi.wordpress.com/reverse-shell/

Escalating XSS to control browser with malicius AJAX payload injection

https://zsahi.wordpress.com/2018/07/28/escalating-xss-to-control-browser-with-malicius-ajax-payload-injection/