====== Wiki ======

Welcome to the knowledge base.

===== TBHM Chapters =====

  * [[tbhm:01_philosophy|01 - Philosophy & Mindset]]
  * [[tbhm:02_discovery|02 - Discovery & Recon]]
  * [[tbhm:03_mapping|03 - Mapping the Attack Surface]]
  * [[tbhm:04_authorization|04 - Authorization & Session Management]]
  * [[tbhm:05_xss|05 - Cross-Site Scripting (XSS)]]
  * [[tbhm:06_sqli|06 - SQL Injection]]
  * [[tbhm:07_file_upload|07 - File Upload Vulnerabilities]]
  * [[tbhm:08_csrf|08 - CSRF]]
  * [[tbhm:09_privilege|09 - Privilege Escalation, Logic & Transport]]
  * [[tbhm:10_mobile|10 - Mobile Testing]]
  * [[tbhm:11_auxiliary|11 - Auxiliary Info & Tools]]
  * [[tbhm:12_idor|12 - IDOR]]
  * [[tbhm:fast_checklist|Fast Testing Checklist]]

===== Quick Reference =====

  * [[tbhm:start|TBHM Index]]
  * [[tbhm:fast_checklist|Fast Checklist]]
  * [[tbhm:02_discovery|Recon & Discovery]]
  * [[tbhm:05_xss|XSS]]
  * [[tbhm:06_sqli|SQLi]]
  * [[tbhm:04_authorization|Auth Bypass]]
  * [[tbhm:12_idor|IDOR]]

===== Zseano's Methodology =====

  * [[zseano:start|Methodology Index]]
  * [[zseano:philosophy|Philosophy & Principles]]
  * [[zseano:recon|Recon & Attack Surface]]
  * [[zseano:feature_checklist|Feature Testing Checklist]]
  * [[zseano:xss|XSS]] | [[zseano:csrf|CSRF]] | [[zseano:idor|IDOR]] | [[zseano:ssrf|SSRF]]
  * [[zseano:open_redirects|Open Redirects]] | [[zseano:sqli|SQLi]] | [[zseano:cors|CORS]]
  * [[zseano:auth_session|Auth & Session]] | [[zseano:logic_bugs|Logic Bugs]]
  * [[zseano:escalation|Bug Chaining]] | [[zseano:reporting|Reporting]]


===== Site Index =====

  * [[all_articles|All Articles]]