PentestingEverything

🔜 Upcoming New Resource by this Month.

• New Module : OWASP Top 10 LLMs and Gen AI
• New Module : OWASP MCP Top 10
• New Module: Threat Modeling
• New Module : Design Review
• Update contents on OWASP Top 10:2025 ( Web Application)
• Update on automation for security asessment

Updated So Far: 2026

✅ iOS Pentesting Module </br> ✅ API Pentesting Module </br> ✅ SAST/Source Code Review </br> ✅ Thick Client Pentesting </br>

<div align="right"> <details> <summary >🌐 Language</summary> <div> <div align="right"> <p><a href="https://openaitx.github.io/view.html?user=m14r41&project=PentestingEverything&lang=en">English</a></p> <p><a href="https://openaitx.github.io/view.html?user=m14r41&project=PentestingEverything&lang=zh-CN">简体中文</a></p> <p><a href="https://openaitx.github.io/view.html?user=m14r41&project=PentestingEverything&lang=zh-TW">繁體中文</a></p> <p><a href="https://openaitx.github.io/view.html?user=m14r41&project=PentestingEverything&lang=ja">日本語</a></p> <p><a href="https://openaitx.github.io/view.html?user=m14r41&project=PentestingEverything&lang=ko">한국어</a></p> <p><a href="https://openaitx.github.io/view.html?user=m14r41&project=PentestingEverything&lang=hi">हिन्दी</a></p> <p><a href="https://openaitx.github.io/view.html?user=m14r41&project=PentestingEverything&lang=th">ไทย</a></p> <p><a href="https://openaitx.github.io/view.html?user=m14r41&project=PentestingEverything&lang=fr">Français</a></p> <p><a href="https://openaitx.github.io/view.html?user=m14r41&project=PentestingEverything&lang=de">Deutsch</a></p> <p><a href="https://openaitx.github.io/view.html?user=m14r41&project=PentestingEverything&lang=es">Español</a></p> <p><a href="https://openaitx.github.io/view.html?user=m14r41&project=PentestingEverything&lang=it">Itapano</a></p> <p><a href="https://openaitx.github.io/view.html?user=m14r41&project=PentestingEverything&lang=ru">Русский</a></p> <p><a href="https://openaitx.github.io/view.html?user=m14r41&project=PentestingEverything&lang=pt">Português</a></p> <p><a href="https://openaitx.github.io/view.html?user=m14r41&project=PentestingEverything&lang=nl">Nederlands</a></p> <p><a href="https://openaitx.github.io/view.html?user=m14r41&project=PentestingEverything&lang=pl">Polski</a></p> <p><a href="https://openaitx.github.io/view.html?user=m14r41&project=PentestingEverything&lang=ar">العربية</a></p> <p><a href="https://openaitx.github.io/view.html?user=m14r41&project=PentestingEverything&lang=fa">فارسی</a></p> <p><a href="https://openaitx.github.io/view.html?user=m14r41&project=PentestingEverything&lang=tr">Türkçe</a></p> <p><a href="https://openaitx.github.io/view.html?user=m14r41&project=PentestingEverything&lang=vi">Tiếng Việt</a></p> <p><a href="https://openaitx.github.io/view.html?user=m14r41&project=PentestingEverything&lang=id">Bahasa Indonesia</a></p> </div> </div> </details> </div>

Table of Contents

| No. | Types of Pentesting | No. | Directory Name | | --- | --------------------------------------------------------------------------------------------------------------------------- | --- | ---------------------------------------------------------------------------------------------------------------------- | | 1 | Web Application Security | 11 | Active Directory Security | | 2 | API Security | 12 | Infrastructure Security | | 3 | Mobile Application Security | 13 | Threat Modeling | | 4 | Thick Client Application Security | 14 | IoT Security | | 5 | Source Code Review | 15 | OSINT (Open Source Intelligence) | | 6 | Network Security | 16 | Blockchain Security | | 7 | Wi-Fi Security | 17 | CI/CD Pipeline Security | | 8 | Cloud Security | 18 | Docker Container Security | | 9 | DevSecOps | 19 | Phishing Penetration Testing | | 10 | Configuration Review | 20 | Forensic Analysis |

---

| No. | Types of Pentesting | Description | | --- | ------------------------------------------------------------------------------------------------------------------------------- | ------------------------------------------------------------- | | 1 | Web Application Security | Assess and secure web applications for vulnerabilities. | | 2 | API Security | Test and enhance the security of APIs and microservices. | | 3 | Mobile Application Security | Evaluate the security of mobile apps and devices. | | 4 | Thick Client Application Security | Assess thick client applications for security issues. | | 5 | Source Code Review | Analyze source code to identify and rectify vulnerabilities. | | 6 | Network Security | Secure networks by identifying and addressing weaknesses. | | 7 | Wi-Fi Network Security | Evaluate the security of Wi-Fi networks and access points. | | 8 | Cloud Security | Assess the security of cloud-based systems and services. | | 9 | Active Directory Security | Evaluate the security of Active Directory environments. | | 10 | Infrastructure Security | Secure the underlying IT infrastructure and assets. | | 11 | Threat Modeling | Model and assess threats to enhance system security. | | 12 | IoT Security | Identify and mitigate vulnerabilities in IoT devices. | | 13 | OSINT (Open Source Intelligence) | Gather intelligence from open sources for security analysis. | | 14 | Blockchain Security | Assess blockchain systems for security and compliance. | | 15 | CI/CD Pipeline Security | Evaluate the security of continuous integration pipelines. | | 16 | Docker Container Security | Secure Docker containers and containerized applications. | | 17 | DevSecOps | Integrate se