# Web pentest

- [Reconnaissance](/0x2irix/markdown/reconnaissance.md)
- [Server-side template injection \[SSTI\]](/0x2irix/markdown/server-side-template-injection-ssti.md)
- [HTTP Host header attacks](/0x2irix/markdown/http-host-header-attacks.md)
- [Password reset poisoning via dangling markup](/0x2irix/markdown/http-host-header-attacks/password-reset-poisoning-via-dangling-markup.md)
- [Cross-Site Request Forgery \[CSRF\]](/0x2irix/markdown/cross-site-request-forgery-csrf.md)
- [Race Conditions](/0x2irix/markdown/race-conditions.md)
- [information disclosure](/0x2irix/markdown/information-disclosure.md)
- [Check list](/0x2irix/markdown/check-list.md)