Cool Web App Pentesting resources collection
from: Muhammad Gamal
-----------------Hacking Bible---------------------- https://github.com/blaCCkHatHacEEkr/PENTESTING-BIBLE
-----------------WAFs------------ https://github.com/0xInfection/Awesome-WAF
-----------------Book of BugBountyTips-------------- https://gowsundar.gitbook.io/book-of-bugbounty-tips/
-----------------Bug bounty writeups---------------- https://pentester.land/list-of-bug-bounty-writeups.html#bug-bounty-writeups-published-in-2019
-----------------BUG BOUNTY HUNTING GUIDE-------------- https://medium.com/bugbountywriteup/bug-bounty-hunting-methodology-toolkit-tips-tricks-blogs-ef6542301c65
-----------------Bug Bounty Reference-------------- https://github.com/ngalongc/bug-bounty-reference
-----------------Guide to Basic Recon-------------- https://blog.securitybreached.org/2017/11/25/guide-to-basic-recon-for-bugbounty/
-----------------BugBounty Slack Archives---------- https://bugbountyworld.com/slack-archives/
-----------------Getting started in Bug Bounty------ https://medium.com/@ehsahil/getting-started-in-bug-bounty-7052da28445a
-------Web Application Penetration Testing Notes---- https://techvomit.net/web-application-penetration-testing-notes/
-----------------Penetration Test Guide-------------- https://github.com/Voorivex/pentest-guide
-----------------the-book-of-secret-knowledge-------- https://github.com/trimstray/the-book-of-secret-knowledge#your-daily-knowledge-and-news-toc
-----------------pentest_compilation----------------- https://github.com/adon90/pentest_compilation#iptablesred
-----------------BugBounty-Reader-------------------- https://bugreader.com/
-----------------RedTeam Guide----------------------- https://ired.team/
-----------------Awesome-BugBounty-reference--------- https://github.com/djadmin/awesome-bug-bounty
-----------------Hackerone-Writeup-guide-------------- http://h1.nobbd.de/
--------Peter Yaworski - Web Bug Hunting Notes-------- https://www59 .zippyshare .com/v/iMR42GcL/file.html
Remove the spaces
----------Bug Bounty Cheat Sheet---------------------- https://github.com/EdOverflow/bugbounty-cheatsheet
from: Muhammad Gamal
-----------------Hacking Bible---------------------- https://github.com/blaCCkHatHacEEkr/PENTESTING-BIBLE
-----------------WAFs------------ https://github.com/0xInfection/Awesome-WAF
-----------------Book of BugBountyTips-------------- https://gowsundar.gitbook.io/book-of-bugbounty-tips/
-----------------Bug bounty writeups---------------- https://pentester.land/list-of-bug-bounty-writeups.html#bug-bounty-writeups-published-in-2019
-----------------BUG BOUNTY HUNTING GUIDE-------------- https://medium.com/bugbountywriteup/bug-bounty-hunting-methodology-toolkit-tips-tricks-blogs-ef6542301c65
-----------------Bug Bounty Reference-------------- https://github.com/ngalongc/bug-bounty-reference
-----------------Guide to Basic Recon-------------- https://blog.securitybreached.org/2017/11/25/guide-to-basic-recon-for-bugbounty/
-----------------BugBounty Slack Archives---------- https://bugbountyworld.com/slack-archives/
-----------------Getting started in Bug Bounty------ https://medium.com/@ehsahil/getting-started-in-bug-bounty-7052da28445a
-------Web Application Penetration Testing Notes---- https://techvomit.net/web-application-penetration-testing-notes/
-----------------Penetration Test Guide-------------- https://github.com/Voorivex/pentest-guide
-----------------the-book-of-secret-knowledge-------- https://github.com/trimstray/the-book-of-secret-knowledge#your-daily-knowledge-and-news-toc
-----------------pentest_compilation----------------- https://github.com/adon90/pentest_compilation#iptablesred
-----------------BugBounty-Reader-------------------- https://bugreader.com/
-----------------RedTeam Guide----------------------- https://ired.team/
-----------------Awesome-BugBounty-reference--------- https://github.com/djadmin/awesome-bug-bounty
-----------------Hackerone-Writeup-guide-------------- http://h1.nobbd.de/
--------Peter Yaworski - Web Bug Hunting Notes-------- https://www59 .zippyshare .com/v/iMR42GcL/file.html
Remove the spaces
----------Bug Bounty Cheat Sheet---------------------- https://github.com/EdOverflow/bugbounty-cheatsheet
GitHub
GitHub - blaCCkHatHacEEkr/PENTESTING-BIBLE: articles
articles. Contribute to blaCCkHatHacEEkr/PENTESTING-BIBLE development by creating an account on GitHub.
Resources:
[+] CTF Calender:
http://ctftime.org
[+] Write-ups to learn CTF
https://github.com/ctfs/
[+] How to start CTF
https://trailofbits.github.io/ctf/
[+] Starter CTF
https://picoctf.com
https://ctf.tamu.edu
https://www.easyctf.com/
[+] Hard CTF
http://plaidctf.com
https://ctf.hitcon.org
https://ctf.csaw.io/
http://dragonsector.pl/
[+] PHP Challenge (Real World CTF)
https://hackmd.io/s/rJlfZva0m
[+] Networking / Linux Challenges
http://overthewire.org/wargames/
[+] VPS (Virtual Private Server)
https://digitalocean.com
[+] Hack The Box (Pentesting style CTF)
http://hackthebox.eu
[+] Web Application CTF
http://websec.fr
[+] Binary Exploitation CTF
https://pwnable.kr
https://pwnable.tw
[+] Reverse Engineering CTF
https://reversing.kr
[+] Cryptography
https://cryptopals.com
https://www.coursera.org/learn/crypto
[+] InfoSec Youtube Channels:
https://www.youtube.com/user/GynvaelE...
https://www.youtube.com/channel/UClcE...
https://www.youtube.com/user/OpenSecu...
https://www.youtube.com/channel/UC--D...
https://www.youtube.com/channel/UCSLl...
[+] For Security News:
https://www.reddit.com/r/netsec
https://www.reddit.com/r/securityCTF
[+] CTF Calender:
http://ctftime.org
[+] Write-ups to learn CTF
https://github.com/ctfs/
[+] How to start CTF
https://trailofbits.github.io/ctf/
[+] Starter CTF
https://picoctf.com
https://ctf.tamu.edu
https://www.easyctf.com/
[+] Hard CTF
http://plaidctf.com
https://ctf.hitcon.org
https://ctf.csaw.io/
http://dragonsector.pl/
[+] PHP Challenge (Real World CTF)
https://hackmd.io/s/rJlfZva0m
[+] Networking / Linux Challenges
http://overthewire.org/wargames/
[+] VPS (Virtual Private Server)
https://digitalocean.com
[+] Hack The Box (Pentesting style CTF)
http://hackthebox.eu
[+] Web Application CTF
http://websec.fr
[+] Binary Exploitation CTF
https://pwnable.kr
https://pwnable.tw
[+] Reverse Engineering CTF
https://reversing.kr
[+] Cryptography
https://cryptopals.com
https://www.coursera.org/learn/crypto
[+] InfoSec Youtube Channels:
https://www.youtube.com/user/GynvaelE...
https://www.youtube.com/channel/UClcE...
https://www.youtube.com/user/OpenSecu...
https://www.youtube.com/channel/UC--D...
https://www.youtube.com/channel/UCSLl...
[+] For Security News:
https://www.reddit.com/r/netsec
https://www.reddit.com/r/securityCTF
ctftime.org
CTFtime.org / All about CTF (Capture The Flag)
Capture The Flag, CTF teams, CTF ratings, CTF archive, CTF writeups
[ Talks (Bug Bounty) ] :
1. Bug Bounty Field Manual (Adam Bacchus) =
https://www.youtube.com/watch?v=aNyK1yVLLRI
2. Tales of a Bug Bounty Hunter (Arne Swinnen) =
https://www.youtube.com/watch?v=Ehq6ofUbslI
3. Doing Recon Like a Boss (Ben Sadeghipour) : https://www.youtube.com/watch?v=1Kg0_53ZEq8
4. Bug Bounty Hunters Lessons From Darth Vader = https://www.youtube.com/watch?v=DB42tvvJhHw
5. Attacking Modern Web Technologies (Frans Rosén) = https://www.youtube.com/watch?v=vRqcUS4CPFs
6. How to Win Over Security Teams and Gain Influence (Frans Rosén) = https://www.youtube.com/watch?v=Uyjkgsu-mrU
7. Bug Bounty Hunting Methodology V3 (Jason Haddix) = https://www.youtube.com/watch?v=Qw1nNPiH_Go
8. Bug Bounty Hunting Methodology V2 (Jason Haddix) =
https://www.youtube.com/watch?v=C4ZHAdI8o1w
9. How to Shot Web V2 (Jason Haddix) = https://www.youtube.com/watch?v=-FAjxUOKbdI
10. How to Differentiate Yourself as a Bug Hunter (Mathias Karlsson) = https://www.youtube.com/watch?v=WTH6f0R7uzo
11. Screw Becoming A Pentester I Want To Be A Bug Bounty Hunter! = https://www.youtube.com/watch?v=ceJG4k27dcQ
12. Hunting for Top Bounties (Nicolas Grégoire) = https://www.youtube.com/watch?v=mQjTgDuLsp4
1. Bug Bounty Field Manual (Adam Bacchus) =
https://www.youtube.com/watch?v=aNyK1yVLLRI
2. Tales of a Bug Bounty Hunter (Arne Swinnen) =
https://www.youtube.com/watch?v=Ehq6ofUbslI
3. Doing Recon Like a Boss (Ben Sadeghipour) : https://www.youtube.com/watch?v=1Kg0_53ZEq8
4. Bug Bounty Hunters Lessons From Darth Vader = https://www.youtube.com/watch?v=DB42tvvJhHw
5. Attacking Modern Web Technologies (Frans Rosén) = https://www.youtube.com/watch?v=vRqcUS4CPFs
6. How to Win Over Security Teams and Gain Influence (Frans Rosén) = https://www.youtube.com/watch?v=Uyjkgsu-mrU
7. Bug Bounty Hunting Methodology V3 (Jason Haddix) = https://www.youtube.com/watch?v=Qw1nNPiH_Go
8. Bug Bounty Hunting Methodology V2 (Jason Haddix) =
https://www.youtube.com/watch?v=C4ZHAdI8o1w
9. How to Shot Web V2 (Jason Haddix) = https://www.youtube.com/watch?v=-FAjxUOKbdI
10. How to Differentiate Yourself as a Bug Hunter (Mathias Karlsson) = https://www.youtube.com/watch?v=WTH6f0R7uzo
11. Screw Becoming A Pentester I Want To Be A Bug Bounty Hunter! = https://www.youtube.com/watch?v=ceJG4k27dcQ
12. Hunting for Top Bounties (Nicolas Grégoire) = https://www.youtube.com/watch?v=mQjTgDuLsp4
YouTube
Bug Bounty Field Manual - Cliff Notes from the Author Adam Bacchus
Download the guide now! https://www.hackerone.com/resources/bug-bounty-field-manual
The Bug Bounty Field Manual is the most comprehensive, educational, practical, and valuable resource ever about the ins and outs of running a successful bug bounty program.…
The Bug Bounty Field Manual is the most comprehensive, educational, practical, and valuable resource ever about the ins and outs of running a successful bug bounty program.…
All ONLINE WEBSITE LINK FIR TEST XSS HERE:
https://alf.nu/alert1
http://prompt.ml/0
https://xss-quiz.int21h.jp/
http://sudo.co.il/xss/
https://web.archive.org/web/20190617111911/https://polyglot.innerht.ml/
http://vulnweb.com/
https://www.owasp.org/index.php/Category:OWASP_WebGoat_Project
https://hack.me/t/XSS
https://github.com/cure53/XSSChallengeWiki/wiki
https://alf.nu/alert1
http://prompt.ml/0
https://xss-quiz.int21h.jp/
http://sudo.co.il/xss/
https://web.archive.org/web/20190617111911/https://polyglot.innerht.ml/
http://vulnweb.com/
https://www.owasp.org/index.php/Category:OWASP_WebGoat_Project
https://hack.me/t/XSS
https://github.com/cure53/XSSChallengeWiki/wiki
Huge repo for all security collections - https://github.com/SecOpsTeam
GitHub
SecOpsTeam - Overview
https://t.me/SecOpsTeam. SecOpsTeam has 38 repositories available. Follow their code on GitHub.
Bug Bounty Platform:
https://www.hackerone.com/
https://www.bugcrowd.com/
https://www.openbugbounty.org/
https://www.cesppa.com/
https://www.yeswehack.com/
https://www.intigriti.com/
https://hackenproof.com/
https://safehats.com/
https://bugbounty.jp/
https://www.synack.com/
https://www.antihack.me/
https://Cobalt.io
https://www.bountysource.com
https://cs.detectify.com/
https://www.hackerone.com/
https://www.bugcrowd.com/
https://www.openbugbounty.org/
https://www.cesppa.com/
https://www.yeswehack.com/
https://www.intigriti.com/
https://hackenproof.com/
https://safehats.com/
https://bugbounty.jp/
https://www.synack.com/
https://www.antihack.me/
https://Cobalt.io
https://www.bountysource.com
https://cs.detectify.com/
HackerOne
HackerOne | Global leader in offensive security | Security for AI | Crowdsourced Security
HackerOne combines AI with the ingenuity of the largest community of security researchers to find and fix security, privacy, and AI vulnerabilities across the SDLC. HackerOne offers AI red teaming, crowdsourced security, bug bounty, vulnerability disclosure…