Red - Web App Hacking - s0cm0nkey's Security Reference Guide

Red - Web App Hacking
Web App Testing Resources
Guides
​OWASP Web Security Testing Guide -  comprehensive guide to testing the security of web applications and web services created by the OWASP foundation.
​https://owasp.org/www-project-top-ten/ - Guide to the top ten most common vulnerabilities encountered in web app pentesting.
​OWASP Testing Guide 4.0 (PDF)
​Hacktricks Web Pentesting Guide - Written by Carlos Pollop, the creator of WinPEAS and LinPEAS. Everything this guy makes is gold. Highest of recommendations
​The Bug Hunters Methodology - Written by the Jason Haddix, this repo details his toolset and methodology for web app penetration testing.
​Jason's Presentation of TBHM 2.0​
​Updated info of TBHM 4.02​
​HowToHunt - Amazing collaborative project documenting testing methodology for different web application vulnerabilities.
​https://kathan19.gitbook.io/howtohunt/checklist/web-application-pentesting-checklist​
​https://alike-lantern-72d.notion.site/Web-Application-Penetration-Testing-Checklist-4792d95add7d4ffd85dd50a5f50659c6​
​https://github.com/KathanP19/HowToHunt/blob/master/CheckList/Web_Checklist_by_Chintan_Gurjar.pdf​
​https://github.com/KathanP19/HowToHunt/blob/master/CheckList/mindmap.png​
​https://github.com/KathanP19/HowToHunt/blob/master/CheckList/Web_Penetration_Testing_Methodology%402x.png​
Resources
There is a bug bounty focused search engine at https://www.bugbountyhunting.com/? that can point you in the direction of  tools, attacks, methodology, writeups, anything you want. It is amazing.
​bug-bounty-methodology-m ethodology-toolkit-tips-tricks-blogs-v-1-0​
​bug-bounty-methodology-ttp-tacticstechniques-and-procedures-v-2-0​
​https://pentestbook.six2dez.com/others/web-checklist​
​https://pentestbook.six2dez.com/others/web-fuzzers-comparision​
​https://github.com/daffainfo/AllAboutBugBounty/blob/master/Recon/Scope.md​
Operator Handbook: Web_Exploit - pg.318
Resource Collections
​Awesome Lists Collection: Web Hacking​
​Awesome Lists Collection: Web Security​
​Awesome Lists Collection: Hacker API Tools​
​Awesome Lists Collection: Application Security​
​InfoSec Reference: Web and Web Applications.​
​InfoSec Reference: Fuzzing​
​Bug Bounty Forum's Tool List​
​EdOverflow/bugbounty-cheatsheet​
​yasinS/bug-bounty-reference​
​Shiva108/Web-CTF-Cheatsheet​
​Daniel Meissler's Web Security Testing Resources​
​Web App Hacking Research by James Kettle - Everything that isnt posted on PortSwigger.com/research, this site is the blog for the research done by PortSwigger's Head of research, James Kettle.
​Web App Payload Collection​
​https://pentestbook.six2dez.com/enumeration/webservices/ - Tools and attacks for specific web services.
Bug Bounty
Platforms
​https://www.hackerone.com/​
​https://www.bugcrowd.com/​
​https://bugcrowd.com/programs/organizations/cisa​
​https://www.synack.com/​
​https://cobalt.io/​
​https://www.intigriti.com​
​https://www.zerocopter.com/​
​https://www.yeswehack.com/​
​https://www.antihack.me/​
​https://securebug.se/​
​https://www.openbugbounty.org/​
Resources and Reference
Methodology
​https://github.com/Cyber-Guy1/theCyberGuy_Recon_V1.0 - Great Methodology MindMap
​https://labs.detectify.com/2021/11/30/hakluke-creating-the-perfect-bug-bounty-automation​
Resource collections
​awesome-bug-bounty - is a comprehensive curated list of available Bug Bounty.
​Firebounty — Bug bounty search engine
Write-up tools
Bug Bounty Reconnaissance Framework (BBRF)
​https://github.com/honoki/bbrf-client​
​https://github.com/honoki/bbrf-server​
​https://honoki.net/2020/10/08/introducing-bbrf-yet-another-bug-bounty-reconnaissance-framework/​
Write-ups and Scopes
​Awesome-Bugbounty-Writeups - is a curated list of bugbounty writeups.
​bounty-targets-data - This repo contains hourly-updated data dumps of bug bounty platform scopes (like Hackerone/Bugcrowd/Intigriti/etc) that are eligible for reports
​bug-bounty-reference - is a list of bug bounty write-ups.
​Bug bounty writeups - list of bug bounty writeups (2012-2020).
Web App Testing Frameworks
Burp Suite
Web App Testing Frameworks
Scanning Utilities
Scanning Utilities
Mapping the Site
Mapping the Site
Web Technologies
Web Technologies
Attacks and Vulnerabilities
Attacks and Vulnerabilities
Misc Tools
​https://www.webgap.io/ - WEBGAP remote browser isolation physically isolates you from the risks of using the internet by isolating your web browsing activity away from your local device.
​https://requestbin.com/ - A modern request bin to collect, inspect and debug HTTP requests and webhooks
​Race-the-web - Tests for race conditions in web applications. Includes a RESTful API to integrate into a continuous integration pipeline.
​DVCS-Ripper - Rip web accessible (distributed) version control systems: SVN, GIT, Mercurial/hg, bzr, etc.
​SSLStrip - This is a new version of [Moxie´s SSLstrip] (http://www.thoughtcrime.org/software/sslstrip/) with the new feature to avoid HTTP Strict Transport Security (HSTS) protection mechanism.
​BB King's Quieter Firefox template - Stripped down Firefox with no callouts to throw off traffic. Great for testing of all sorts.
​Unfurl - Tool for breaking down a URL to better understand its components.Fake credit card numbers for testing payment systems
​Credit Cards numbers for use in testing
​interactsh - An OOB interaction gathering server and client library
​https://app.interactsh.com/​
​Firebounty — Bug bounty search engine
​https://github.com/brevityinmotion/goodfaith - A tool that helps you stay within scope for bug bounty recon automation.
Training and Resources
For resources including offensive security courses, books, CTFs and much more, please check out the Training and Resources section of this guide.
​https://tryhackme.com/module/intro-to-web-hacking​
​crAPI - completely ridiculous API (crAPI) will help you to understand the ten most critical API security risks. crAPI is vulnerable by design, but you'll be able to safely run it to educate/train yourself.
Training and Resources