🏁
HEGO Wiki
🏁
HEGO Wiki
  • ♦️Welcome!
  • Web Pentest Checklists
    • The Main One
    • Scope Based
    • OWASP Based
    • OTG Based
    • The General
  • Tools
    • 🔻Pointer
  • 🤖LLM Security
    • Garak - A Generative AI Red-teaming Tool
    • LLM Security / Pentest
    • LLM Prompt Injection
  • 🌎OWASP
    • LLM Security Verification Standard 0.0.1
      • Frontispiece
      • Preface
      • Utilizing the LLMSVS
      • Assessment and Certification
      • V1. Secure Configuration and Maintenance
      • V2. Model Lifecycle
      • V3. Real Time Learning
      • V4. Model Memory and Storage
      • V5. Secure LLM Integration
      • V6. Agents and Plugins
      • V7. Dependency and Component
      • V.8 Monitoring and Anomaly Detection
      • Appendix A: Glossary
    • OWASP LLM Top 10 V1.0
      • LLM01: Prompt Injections
      • LLM02: Insecure Output Handling
      • LLM03: Training Data Poisoning
      • LLM04: Model Denial of Service
      • LLM05: Supply Chain Vulnerabilities
      • LLM06: Sensitive Information Disclosure
      • LLM07: Insecure Plugin Design
      • LLM08: Excessive Agency
      • LLM09: Overreliance
      • LLM10: Model Theft
    • OWASP OTG Checklist
  • Web Attack
    • 👁️‍🗨️Web Attack Cheatsheet
    • 🟩HTB Cheet Sheet
    • ☮️Web Attacks Library
      • Request Smuggling
      • Kubernetes
      • Container - Docker Pentest
      • JWT - JSON Web Token
      • Insecure Source Code Management
      • Amazon Bucket S3 AWS
      • Business Logic Errors
      • Account Takeover
      • API Key Leaks
      • Broken Links
      • Bruteforcing
      • Clickjacking
      • Command Injection
      • Cookie Padding
      • CORS
      • Crawl/Fuzz
      • CRLF
      • CSP
      • CSRF
      • Deserialization
      • DNS rebinding
      • Email attacks
      • File upload
      • General Info
      • Header injections
      • IDOR
      • LFI/RFI
      • Online hashes cracked
      • Open Redirect
      • HTTP Parameter pollution
      • Prototype Pollution
      • Quick tricks
      • HTTP Request Smuggling
      • Session fixation
      • SQLi
      • SSRF
      • SSTI
      • Tabnabbing
      • VHosts
      • Web Cache Deception
      • Web Cache Poisoning
      • Webshells
      • Web Sockets
      • Cross Site Scripting - XSS
      • XXE
  • AI Security
    • AI-based system security
  • Attack Descriptions
    • 📖Web Attacks Documents
      • Blind SQL Injection
      • Brute Force
      • Clickjacking
      • Command Injection
      • CSP
      • CSRF
      • CVEs
      • Directory Listing
      • DOM XSS
      • HSTS
      • Insecure direct object references (IDOR)
      • LFI
      • Reflected XSS
      • Secure Flag
      • Server-side request forgery (SSRF)
      • Session Fixation
      • Sensitive Developer Comments
      • Session ID in URL
      • Shell Upload
      • SQL Injection
      • Stored XSS
      • Unencrypted communications
      • Unencrypted Data Transmission
      • Unlimit File Upload
      • Weak Session ID (Leads to IDOR)
  • 📺Tutorials
    • 📍YouTube Top Tutorials
  • 🗺️Methodology
    • Pentest Methodology
    • NahamSec Methodology
  • 🔍Asset Discovery
    • Google Dork
    • Shodan
    • Uncover
  • 📚Writeups
    • Bugbounty Reports
    • Top Paid Reports
    • Top 100 Upvoted Reports
  • 🧨Red Team
    • Red Team Cheatsheet
  • 👨‍🚀API Security Checklist
    • API Pentest Guide
      • VAMPI Setup
    • #01
    • #02
    • #03
    • REST Security Cheat Sheet
  • Burp Suite
    • 🧮Tips and Extensions
  • 🛡️Blue Team
    • Blue Team Cheatsheet
  • 💎HEGO Services
    • Who we are?
  • 🔱Credits
  • Contact me
    • 📬Contact
Powered by GitBook

♦️Welcome!

HEGO Offensive Cybersecurity Wiki

Welcome to HEGO Wiki, your ultimate resource for Offensive Cybersecurity hobbies. Explore our comprehensive collection of security checklists and gain invaluable insights into securing web applications, LLM and API effectively. Gain invaluable insights into securing different applications effectively and fortify your defenses. Whether you're learning or incorporating these techniques into your pentest reports, HEGO Wiki provides the knowledge you need to enhance application security.

  • Web Application Penetration Testing

  • Large Language Model Security & Pentest

  • API Penetration Testing

  • Bug Bounty Tips

  • Capture The Flag (CTF) Tricks

Use these checklists legally and ethically, ensuring proper authorization and permission before conducting any tests. Let's prioritize privacy and system integrity for a safer digital environment.

How to use it?

To effectively utilize the HEGO Wiki, simply review the checklist relevant to your testing objectives, follow the step-by-step instructions, and adapt them to your specific application environment. Regularly refer to the checklists as a comprehensive guide to ensure thorough testing and improved security of your web applications.

NextThe Main One

Last updated 6 months ago

On this page

Was this helpful?

YouTube
Github
Page cover image
Cover
Cover