# Red Teaming - [WAF Exploitation](/home/notes/red-teaming/waf-exploitation.md): Techniques to exploit WAF - [Introduction to WAF](/home/notes/red-teaming/waf-exploitation/introduction-to-waf.md): Notes from the WAF Introduction room on TryHackMe. - [LLM Hacking](/home/notes/red-teaming/llm-hacking.md) - [System Prompts](/home/notes/red-teaming/llm-hacking/system-prompts.md) - [Jailbreaking](/home/notes/red-teaming/llm-hacking/jailbreaking.md) - [Prompt Injection](/home/notes/red-teaming/llm-hacking/prompt-injection.md) - [Improper Output Handling](/home/notes/red-teaming/llm-hacking/improper-output-handling.md) - [Sensitive Information Disclosure](/home/notes/red-teaming/llm-hacking/sensitive-information-disclosure.md) - [Web Pentesting](/home/notes/red-teaming/web-pentesting.md) - [SQL Injection](/home/notes/red-teaming/web-pentesting/sql-injection.md): https://tryhackme.com/room/advancedsqlinjection - [Stored SQLi](/home/notes/red-teaming/web-pentesting/sql-injection/stored-sqli.md) - [Filter Evasion](/home/notes/red-teaming/web-pentesting/sql-injection/filter-evasion.md): My notes from the Filter Evasion section in the Advanced SQLi room on TryHackme. - [HTTP Header Injection](/home/notes/red-teaming/web-pentesting/sql-injection/http-header-injection.md) - [Other Endpoints](/home/notes/red-teaming/web-pentesting/sql-injection/other-endpoints.md) - [Tools for Automation](/home/notes/red-teaming/web-pentesting/sql-injection/tools-for-automation.md) - [Tips for Pentesters](/home/notes/red-teaming/web-pentesting/sql-injection/tips-for-pentesters.md): Taken from the Advanced SQLi room in TryHackMe. - [NoSQL Injection](/home/notes/red-teaming/web-pentesting/nosql-injection.md): The notes I took while doing the NoSQLi Walkthrough on TryHackMe. - [Types of Injection](/home/notes/red-teaming/web-pentesting/nosql-injection/types-of-injection.md) - [Example 1](/home/notes/red-teaming/web-pentesting/nosql-injection/example-1.md) - [Example 2](/home/notes/red-teaming/web-pentesting/nosql-injection/example-2.md) - [Regex Operator](/home/notes/red-teaming/web-pentesting/nosql-injection/regex-operator.md) - [XXE Injection](/home/notes/red-teaming/web-pentesting/xxe-injection.md) - [XML Entities](/home/notes/red-teaming/web-pentesting/xxe-injection/xml-entities.md) - [XML Parser](/home/notes/red-teaming/web-pentesting/xxe-injection/xml-parser.md) - [Exploitation](/home/notes/red-teaming/web-pentesting/xxe-injection/exploitation.md) - [SSTI](/home/notes/red-teaming/web-pentesting/ssti.md): My notes on Server Side Template Injection taken while solving the SSTI walkthroughs on TryHackMe. - [Example 1](/home/notes/red-teaming/web-pentesting/ssti/example-1.md) - [SSTImap](/home/notes/red-teaming/web-pentesting/ssti/sstimap.md) - [LDAP](/home/notes/red-teaming/web-pentesting/ldap.md): Port 389 and 636 - [LDAP Search Queries](/home/notes/red-teaming/web-pentesting/ldap/ldap-search-queries.md) - [LDAP Injection](/home/notes/red-teaming/web-pentesting/ldap/ldap-injection.md) - [API Pentesting](/home/notes/red-teaming/api-pentesting.md): My notes on API Pentesting - [Server Side Parameter Pollution](/home/notes/red-teaming/api-pentesting/server-side-parameter-pollution.md) - [Server Side Parameter Pollution in REST paths](/home/notes/red-teaming/api-pentesting/server-side-parameter-pollution-in-rest-paths.md) - [Server Side Parameter Pollution in structured data formats](/home/notes/red-teaming/api-pentesting/server-side-parameter-pollution-in-structured-data-formats.md) - [SMB Enumeration](/home/notes/red-teaming/smb-enumeration.md): My basic notes on SMB Enumeration for reference.