# Web applications

- [Recon - Server exposure](/web-applications/recon-server_exposure.md)
- [Recon - Hostnames discovery](/web-applications/recon-hostnames_discovery.md)
- [Recon - Application mapping](/web-applications/recon-application_mapping.md)
- [Recon - Attack surface overview](/web-applications/recon-attack_surface.md)
- [CMS & softwares](/web-applications/cms_and_softwares.md)
- [ColdFusion](/web-applications/cms_and_softwares/coldfusion.md)
- [DotNetNuke](/web-applications/cms_and_softwares/dotnetnuke.md)
- [Jenkins](/web-applications/cms_and_softwares/jenkins.md)
- [Jira](/web-applications/cms_and_softwares/jira.md)
- [Ovidentia](/web-applications/cms_and_softwares/ovidentia.md)
- [WordPress](/web-applications/cms_and_softwares/wordpress.md)
- [WebDAV](/web-applications/cms_and_softwares/webdav.md)
- [Exploitation - Overview](/web-applications/exploitation-overview.md)
- [Exploitation - Authentication](/web-applications/exploitation-authentication.md)
- [Exploitation - LDAP injections](/web-applications/exploitation-ldap_injections.md)
- [Exploitation - Local and remote file inclusions](/web-applications/exploitation-local_and_remote_file_inclusions.md)
- [Exploitation - File upload](/web-applications/exploitation-file_upload.md)
- [Exploitation - SQL injections](/web-applications/exploitation-sql_injections.md)
- [SQLMAP.md](/web-applications/exploitation-sql_injections/sqlmap.md)
- [MSSQL.md](/web-applications/exploitation-sql_injections/mssql.md)
- [MySQL.md](/web-applications/exploitation-sql_injections/mysql.md)
- [SQLite.md](/web-applications/exploitation-sql_injections/sqlite.md)
- [Exploitation - NoSQL injections](/web-applications/exploitation-nosql_injections.md)
- [NoSQLMap.md](/web-applications/exploitation-nosql_injections/nosqlmap.md)
- [mongoDB.md](/web-applications/exploitation-nosql_injections/mongodb.md)
- [Exploitation - GraphQL](/web-applications/exploitation-graphql.md)