Fork me on GitHub

Ranked awesome lists, all in one place

This list is a copy of qazbnm456/awesome-web-security with ranks


Awesome Web Security Awesome ★73813

🐶 Curated list of Web Security materials and resources.

Needless to say, most of websites on-line are suffered from various type of bugs, which might eventually lead to vulnerabilities. Why would this happen so often? Many factors can be involved, including misconfiguration, shortage of engineers’ security skills, and etc. Therefore, here is the curated list of Web Security materials and resources for learning the cutting edge penetrating techniques.

Please read the contribution guidelines before contributing.


🌈 Want to strengthen your penetration skills?
I would recommend to play some awesome-ctfs.


Check out my repos 🐾 or say hi on my Twitter.

Contents

Forums

Resources

Tips

XSS - Cross-Site Scripting

CSV Injection

SQL Injection

Command Injection

ORM Injection

FTP Injection

XXE - XML eXternal Entity

CSRF - Cross-Site Request Forgery

SSRF - Server-Side Request Forgery

Rails

AngularJS

SSL/TLS

Webmail

NFS

AWS

Fingerprint

Sub-domain Enumeration

Crypto

Books

Evasions

CSP

WAF

JSMVC

Authentication

Tricks

Remote Code Execution

XSS

SQL Injection

NoSQL Injection

FTP Injection

SSRF

Header Injection

URL

Others

Browser Exploitation

Frontend (like CSP bypass, URL spoofing, and something like that)

Backend (core of Browser implementation, and often refers to C or C++ part)

PoCs

JavaScript

Tools

Auditing

Reconnaissance

Code Generating

Fuzzing

Penetrating

Offensive

Template Injection

Leaking

Detecting

Preventing

Webshell

Disassembler

Others

Social Engineering Database

use at your own risk

Blogs

Twitter Users

Practices

Application

AWS

XSS

ModSecurity / OWASP ModSecurity Core Rule Set

Community

Miscellaneous

Code of Conduct

Please note that this project is released with a Contributor Code of Conduct. By participating in this project you agree to abide by its terms.

License

CC0

This list is a copy of qazbnm456/awesome-web-security with ranks