> ## Documentation Index
> Fetch the complete documentation index at: https://docs.bytejmp.com/llms.txt
> Use this file to discover all available pages before exploring further.

# Introduction

> Web application penetration testing techniques and attack references.

## Overview

Web security covers exploitation of vulnerabilities in web applications, from injection attacks and authentication bypasses to client-side exploits and API abuse.

Quick reference for web engagements and CTFs focused on web application security.

***

## What's Inside

<CardGroup cols={2}>
  <Card title="Injection" icon="syringe">
    SQL injection, command injection, SSTI, and XXE, extraction and exploitation techniques.
  </Card>

  <Card title="Authentication" icon="lock-open">
    Broken auth, JWT attacks, OAuth misconfigurations, and session hijacking.
  </Card>

  <Card title="Client-Side" icon="browser">
    XSS, CSRF, CORS misconfigurations, and clickjacking.
  </Card>

  <Card title="API & Logic" icon="code">
    API abuse, IDOR, broken object-level authorization, and business logic flaws.
  </Card>
</CardGroup>

***

<Note>
  Techniques documented for use in authorized environments only. CTF platforms, bug bounty programs, and applications with explicit permission to test.
</Note>

<Warning>
  This section is under active development. More techniques and pages are being added.
</Warning>
