> For the complete documentation index, see [llms.txt](https://calvin-lai.gitbook.io/calvin-lai-security/llms.txt). Markdown versions of documentation pages are available by appending `.md` to page URLs; this page is available as [Markdown](https://calvin-lai.gitbook.io/calvin-lai-security/penetration-testing.md).

# Penetration Testing

- [Web Application PenTest](https://calvin-lai.gitbook.io/calvin-lai-security/penetration-testing/web-application-pentest.md)
- [Network/System PenTest](https://calvin-lai.gitbook.io/calvin-lai-security/penetration-testing/network-system-pentest.md)
- [Mobile Penetration Test](https://calvin-lai.gitbook.io/calvin-lai-security/penetration-testing/mobile-penetration-test.md)
- [Certificate Pinning](https://calvin-lai.gitbook.io/calvin-lai-security/penetration-testing/mobile-penetration-test/certificate-pinning.md): A security technique used in mobile app to ensure that the app communicates only with a specific server by validating the server's certificate against a known, hardcoded certificate or public key.
- [Certificate Pinning Bypass (Android)](https://calvin-lai.gitbook.io/calvin-lai-security/penetration-testing/mobile-penetration-test/certificate-pinning/certificate-pinning-bypass-android.md): Bypassing certificate pinning using three different methods: Frida, Xposed Framework with JustTrustMe, and Modifying APK.
- [Root a Android Device](https://calvin-lai.gitbook.io/calvin-lai-security/penetration-testing/mobile-penetration-test/certificate-pinning/certificate-pinning-bypass-android/root-a-android-device.md)
- [Setup Proxy Tool - Burp Suite](https://calvin-lai.gitbook.io/calvin-lai-security/penetration-testing/mobile-penetration-test/certificate-pinning/certificate-pinning-bypass-android/setup-proxy-tool-burp-suite.md)
- [Checklist](https://calvin-lai.gitbook.io/calvin-lai-security/penetration-testing/mobile-penetration-test/checklist.md)
