readme.md

Web Development Security

---

Getting Started

• Hackerone Hacker101
• Bugcrowd University
• OWASP Top 10 Explained by detectify
• Web Security Learning
• Software Security Learning
• Learn git
• Penetration testing study notes
• Awesome Security Writeups and POC
• Hacking Articles
• Awesome Netweoking
• Pentesting Bible
• Resources for Beginner Bug Bounty Hunters

Blogs that will get you from zero to one

• Portswigger
• detectify
• Intigriti
• Whitton
• Bug bounty forum

XSS

• bypass-xss-protection-with-xmp-noscript
• XSS Payloads
• Bypass XSS in redirection
• XSS SVG by ghostlulz

XXE

• XML External entity

API Hacking

• API Hacking Graphql

Certificate Transparency

SQLi

• Making a Blind SQL Injection a Little Less Blind

SSRF

Challenges

• XSS challenge by @m0z
• XSS challenges by pwnfunction
• Digi nija pentesting labs
• IP Based Auth Bypass
• NoSQLi Lab
• Web socket challenge
• JWT challenge - digi ninja
• Leaky JWT - digi ninja

Burpsuite Plugins

• Hackbar by d3vulbug

CSP

• Bypassing CSP
• making-an-xss-triggered-by-csp-bypass
• Bypassing CSP using polyglot JPEGs
• CSP by ghostlulz

CORS

• CORS by ghostlulz