This repository contains list of web security related resources that you can use to gain new skills and extend knowledge
- awesome-web-security
- awesome-web-hacking
- awesome-bugbounty-writeups
- awesome-shodan-queries
- awesome-security web part
- awesome-nodejs-security
- Awesome Asset Discovery
- awesome-osint
- awesome-ruby-security
- awesome-threat-modeling
- static-analysis
- AWAE-Prep
- 31-day-of-api-security-tips
- XSS-payload-list
- api-security-best-practises
- resources-for-beginner-bug-bounty-hackers
- the-book-of-secret-knowledge
- my-arsenal-of-web-security-tools
- PayloadAllTheThings
- SecLists
- nginx-admins-handbook
- nodejs-best-practises
- HackTricks Web Pentesting
- HackTricks Cloud
- pentest-tools
- Web Hacking 101
- The Web Application Hacker's Handbook
- Web Application Security: Exploitation and Countermeasures for Modern Web Applications
- Web Security For Developers: Real Threats, Practical Defense
- Real-World Bug Hunting: A Field Guide to Web Hacking
- Web Application Security, A Beginner's Guide
- OpenSSL Cookbook
- Metasploit Unleashed
- Crypto 101
- OSWE
- OSWA
- eWPT
- eWPTX
- GWAPT
- BSCP
- HTB CBBH
- Certified API Security Analyst (CASA)
- API Security Certified Professional (ASCP) Exam
- TryHackMe
- PentesterLab
- Web Security Academy
- INE
- Offensive Security
- HackTheBox
- Web challenges
- Web requests
- JavaScript deobfuscation
- Hacking Wordpress
- File Inclusion/Directory Traversal
- SQL Injection Fundamentals
- Command Injection
- Attacking Web Applications with Ffuf
- Login bruteforcing
- SQLMap Essentials
- Introduction to Web Applications
- Intro to whitebox pentesting
- Whitebox attacks
- Web Service & API attacks
- Modern Web Exploitation Techniques
- Parameter logic bugs
- Advanced deserialization attacks
- RootMe
- HackThisSite
- Hack.me
- Hacker 101
- PentesterAcademy
- Cybrary
- SANS
- APISEC University