- This repository documents a complete professional web application penetration testing lifecycle, focused on manual reconnaissance, exploitation reasoning, risk analysis, and executive reporting.
- It reflects real-world security consulting workflows used during authorized penetration tests and red team engagements.
- Understanding attack surfaces
- Identifying trust boundaries
- Chaining vulnerabilities
- Demonstrating real business impact
- OWASP Top 10
- OWASP API Security Top 10
- PTES (Penetration Testing Execution Standard)
- MITRE ATT&CK
- Real-world adversarial workflows
- Demonstrate end-to-end professional pentesting methodology
- Show how reconnaissance becomes exploitation paths
- Document manual testing commands and techniques
- Provide repeatable assessment workflows
- Showcase consulting-grade security thinking
- Reconnaissance & OSINT
- DNS & TLS Intelligence
- Active Enumeration
- HTTP & Routing Fingerprinting
- Application Attack Surface Mapping
- Parameter Discovery & Input Enumeration
- Authentication & Session Management
- Authorization & Access Control Testing
- Business Logic Testing
- Vulnerability Chaining & Attack Paths
- Risk Prioritization & Impact Analysis
- Reporting & Executive Communication
- Evidence-based
- Reproducible
- Business-impact focused
- Consultant-ready
pentesting-manual-techniques/ │ ├── 01-reconnaissance/ ├── 02-dns-and-tls-intelligence/ ├── 03-active-dns-enumeration/ ├── 04-http-and-routing-fingerprinting/ ├── 05-application-attack-surface-mapping/ ├── 06-parameter-discovery-and-input-enumeration/ ├── 07-authentication-and-session-management/ ├── 08-authorization-and-access-control/ ├── 09-business-logic-testing/ ├── 10-vulnerability-chaining-and-attack-paths/ ├── 11-risk-prioritization-and-impact-analysis/ ├── 12-reporting-and-executive-communication/ │ └── README.md
Each directory contains detailed methodology, commands, evidence examples, and professional testing workflows.
- Attack surface mapping identifies all reachable entry points where user-controlled input interacts with application logic.
- Authentication bypass
- IDOR testing
- Injection flaws
- Business logic abuse
- Privilege escalation
| Endpoint | Method | Parameters | Auth Required | Security Notes |
|---|---|---|---|---|
| /login | POST | email, password | No | Authentication entry point |
| /register | POST | email, password | No | Account creation logic |
| /api/user | GET | id | Yes | Potential IDOR |
| /upload | POST | file | Yes | File upload handling |
| /admin | GET | — | Yes | Privileged interface |
- Manual browsing and link traversal
- HTTP request inspection (Burp / curl)
- JavaScript endpoint discovery
- API enumeration
- Parameter mining
- Forced browsing analysis
- A complete attack surface prevents blind testing, reduces false positives, and allows prioritization of high-impact vulnerabilities early in the engagement.
This repository emphasizes:
- Manual testing over automation
- Reasoned exploitation
- Business risk mapping
- Client-ready documentation
- Ethical security research
It is designed to reflect how professional penetration testers operate in consulting and enterprise environments.
- All techniques documented here are for authorized security testing and educational purposes only.
- No live exploits, zero-day vulnerabilities, or unauthorized attack instructions are included.
Mishack (Chinaza) Victor Web, Network & Cloud Penetration Tester
OWASP • PTES • MITRE ATT&CK aligned
LinkedIn: https://www.linkedin.com/in/mishack-victor-728783358
Portfolio: https://www.harkarvogsecurity.com
Email: mishackvictor4@gmail.com
