Web Pentesting

This repository contains hands-on training content on how to attack a Website.

1. Web Basics
2. AWS Basics
3. Web Attacks
   • Exploiting XML External Entity (XXE)
   • PostgreSQL Injection
   • Exploiting Tomcat Virtual Host Manager
   • "shellshock": Exploiting Apache's CGI module
   • JWT Toolkit: Attacking JWT Tokens
   • Gym Management System 1.0 - Unauthenticated Remote Code Execution
   • NetMon RCE