When we're trying to pen test a website, before trying to use any tools or any other means, after we perform our information gathering, first browse the website. Just get a feel of the website, see what's installed on it, and try to exploit the features.

After going through the website, upload a file using the Upload tab. The website allows us to upload a file. Sometimes in penetration testing tasks, it could be a website that's allowing us to upload a profile picture or a classified website allowing us to upload pictures of cars:

As we can see in the preceding screenshot, the website expects us to choose and ...