Penetration Testing
End-to-end pentest methodology covering networks, web apps, and increasingly AI features. Real engagement workflows from Lokesh Singh aka Mr Elite.
203 articles
Day 8: IDOR Bug Bounty Hunting — Find Insecure Direct Object Reference Vulnerabilities That Pay (2026)
Complete IDOR bug bounty hunting guide — what IDOR is, horizontal vs vertical privilege escalation, where to find IDORs, Burp…
Kali Linux Day 5: John the Ripper Tutorial — Crack Hashes, /etc/shadow, ZIP & PDF Passwords (Complete Guide 2026)
Complete John the Ripper tutorial for Kali Linux — identify hashes, crack /etc/shadow with unshadow, use wordlist mode, rule-based cracking,…
Metasploit Tutorial for Beginners 2026 — First Exploit to Root Shell in Your Home Lab (Step-by-Step)
The complete Metasploit tutorial for beginners 2026 — covering msfconsole basics, finding exploits, setting payloads, Meterpreter commands, post-exploitation, and a…
SQL Injection Tutorial for Beginners 2026 — From First Quote to Database Dump (Hands-On with DVWA + SQLmap)
SQL injection Tutorial from scratch in 2026 — what it is, why it works, manual exploitation step-by-step, DVWA lab setup,…
Day 19: Command Injection — When User Input Reaches the OS Shell (2026)
Day 19 of 100. Learn OS command injection, shell metacharacters, blind injection, DVWA lab walkthrough, and secure coding practices. One…
Kali Linux Day 4: Hydra Tutorial — Brute Force SSH, FTP, HTTP & 50+ Protocols (Complete Beginner Guide 2026)
Complete Hydra tutorial for Kali Linux — brute force SSH, FTP, HTTP login forms, RDP, MySQL, and 50+ protocols. Every…
Ethical Hacking Tools List 2026 — Every Tool Professionals Actually Use (Free + Paid, Ranked by Category)
The most complete ethical hacking tools list for 2026 — 60+ tools across 10 categories with honest tier ratings, free…
Day 18: File Upload Vulnerabilities — From Image Upload to Web Shell (2026)
Understand file upload vulnerabilities from first principles — how validation is bypassed, how web shells work, full DVWA demos at…
Nmap Commands with Examples 2026 — The Complete Reference (Every Flag, Every Scan Type, Free PDF Cheat Sheet)
Every Nmap commands with examples — covering all scan types, timing options, output formats, NSE scripts, firewall evasion techniques, and…