s0cm0nkey's Security Reference Guide

Web App Hacking

Last updated 2 years ago

Web App Testing Resources

  • OWASP Web Security Testing Guide - comprehensive guide to testing the security of web applications and web services, created by the OWASP Foundation.

    • https://owasp.org/www-project-top-ten/ - Guide to the top ten most common vulnerabilities encountered in web app pentesting.

    • OWASP Testing Guide 4.0 (PDF)

    • https://www.crest-approved.org/membership/crest-ovs-programme/ - CREST's new application security standard built with OWASP ASVS.

  • Hacktricks Web Pentesting Guide - Written by Carlos Polop, the creator of WinPEAS and LinPEAS. Everything this guy makes is gold. Highest of recommendations.

  • The Bug Hunters Methodology - Written by Jason Haddix, this repo details his toolset and methodology for web app penetration testing.

  • HowToHunt - Amazing collaborative project documenting testing methodology for different web application vulnerabilities.

Resources

There is a bug bounty focused search engine at https://www.bugbountyhunting.com/ that can point you in the direction of tools, attacks, methodology, writeups, anything you want. It is amazing.

  • Operator Handbook: Web_Exploit - pg.318

Bug Bounty

Platforms

  • Methodology

  • Resource collections

  • Write-up tools

    • Bug Bounty Reconnaissance Framework (BBRF)

  • Write-ups and Scopes

Web Technologies

Attacks and Vulnerabilities

Training and Resources

For resources including offensive security courses, books, CTFs and much more, please check out the Training and Resources section of this guide.

Web App Hacking Research by James Kettle - Everything that isn't posted on PortSwigger.com/research; this site is the blog for the research done by PortSwigger's Head of Research, James Kettle.

https://pentestbook.six2dez.com/enumeration/webservices/ - Tools and attacks for specific web services.

https://github.com/Cyber-Guy1/theCyberGuy_Recon_V1.0 - Great methodology mind map.

awesome-bug-bounty - a comprehensive curated list of available bug bounty programs.

Firebounty - Bug bounty search engine.

Awesome-Bugbounty-Writeups - a curated list of bug bounty writeups.

bounty-targets-data - This repo contains hourly-updated data dumps of bug bounty platform scopes (like HackerOne/Bugcrowd/Intigriti/etc.) that are eligible for reports.

bug-bounty-reference - a list of bug bounty write-ups.

Bug bounty writeups - list of bug bounty writeups (2012-2020).

crAPI - completely ridiculous API (crAPI) will help you to understand the ten most critical API security risks. crAPI is vulnerable by design, but you'll be able to safely run it to educate/train yourself.

OWASP Web Security Testing Guide
https://owasp.org/www-project-top-ten/
OWASP Testing Guide 4.0
https://www.crest-approved.org/membership/crest-ovs-programme/
Hacktricks Web Pentesting Guide
WinPEAS
LinPEAS
The Bug Hunters Methodology
Jason's Presentation of TBHM 2.0
Updated info of TBHM 4.02
HowToHunt
https://kathan19.gitbook.io/howtohunt/checklist/web-application-pentesting-checklist
https://alike-lantern-72d.notion.site/Web-Application-Penetration-Testing-Checklist-4792d95add7d4ffd85dd50a5f50659c6
https://github.com/KathanP19/HowToHunt/blob/master/CheckList/Web_Checklist_by_Chintan_Gurjar.pdf
https://github.com/KathanP19/HowToHunt/blob/master/CheckList/mindmap.png
https://github.com/KathanP19/HowToHunt/blob/master/CheckList/Web_Penetration_Testing_Methodology%402x.png
https://github.com/jassics/security-study-plan/blob/main/web-pentest-study-plan.md
https://www.bugbountyhunting.com/?
bug-bounty-methodology-methodology-toolkit-tips-tricks-blogs-v-1-0
bug-bounty-methodology-ttp-tacticstechniques-and-procedures-v-2-0
https://pentestbook.six2dez.com/others/web-checklist
https://pentestbook.six2dez.com/others/web-fuzzers-comparision
https://github.com/daffainfo/AllAboutBugBounty/blob/master/Recon/Scope.md
Awesome Lists Collection: Web Hacking
Awesome Lists Collection: Web Security
Awesome Lists Collection: Hacker API Tools
Awesome Lists Collection: Application Security
InfoSec Reference: Web and Web Applications.
InfoSec Reference: Fuzzing
Bug Bounty Forum's Tool List
EdOverflow/bugbounty-cheatsheet
yasinS/bug-bounty-reference
Shiva108/Web-CTF-Cheatsheet
Daniel Miessler's Web Security Testing Resources
Web App Hacking Research by James Kettle
PortSwigger.com/research
Web App Payload Collection
https://pentestbook.six2dez.com/enumeration/webservices/
https://www.hackerone.com/
https://www.bugcrowd.com/
https://bugcrowd.com/programs/organizations/cisa
https://www.synack.com/
https://cobalt.io/
https://www.intigriti.com
https://www.zerocopter.com/
https://www.yeswehack.com/
https://www.antihack.me/
https://securebug.se/
https://www.openbugbounty.org/
https://security.apple.com/
https://github.com/Cyber-Guy1/theCyberGuy_Recon_V1.0
https://labs.detectify.com/2021/11/30/hakluke-creating-the-perfect-bug-bounty-automation
awesome-bug-bounty
Firebounty
https://github.com/honoki/bbrf-client
https://github.com/honoki/bbrf-server
https://honoki.net/2020/10/08/introducing-bbrf-yet-another-bug-bounty-reconnaissance-framework/
Awesome-Bugbounty-Writeups
bounty-targets-data
bug-bounty-reference
Bug bounty writeups
Web Technologies
Web App Vulnerabilities
https://tryhackme.com/module/intro-to-web-hacking
crAPI
Training and Resources