Exploitation is probably everyone favorite portion of a penetration test.  It is where we get to actually launch attacks.  The scripts in this section will target vulnerabilities in the target and the leverage these to further our penetration.

----

[[TYPO3 CMS Insecure Randomness Exploit]] - [[http://typo3.org/teams/security/security-bulletins/typo3-sa-2009-001/|REF: TYPO3-SA-2009-001]] [[http://www.c22.cc/advisories/typo3-sa-2009-001/|Detailed Advisory - c22.cc]]

[[/exploitation/mysql|Tools for attacking MySQL]]

[[/exploitation/apache_expect_xss|Apache EXPECT Header XSS POC]]

[[/exploitation/apache_413_xss|Apache 413 Error Message XSS POC]]

[[/exploitation/bash_web_parameter_fuzzer|Bash Web Parameter Fuzzer]]

[[/exploitation/get_to_post|XSS GET to POST]]

[[/exploitation/sqlinjector|MySQL Blind SQL Injector]]

[[/exploitation/p0wnpr0xy|p0wnpr0xy - Proxy for SQLMap]]