Awesome Web Hacking – A Comprehensive Guide To Tools, Techniques, And Resources

This list is for anyone wishing to learn about web application security but do not have a starting point.

You can help by sending Pull Requests to add more information.

If you’re not inclined to make PRs you can tweet me at @infoslack

Books
Documentation
Tools
Cheat Sheets
Docker
Vulnerabilities
Courses
Online Hacking Demonstration Sites
Labs
SSL
Security Ruby on Rails

Books

The Web Application Hacker’s Handbook: Finding and Exploiting Security Flaws
Hacking Web Apps: Detecting and Preventing Web Application Security Problems
Hacking Exposed Web Applications
SQL Injection Attacks and Defense
The Tangled WEB: A Guide to Securing Modern Web Applications
Web Application Obfuscation: ‘-/WAFs..Evasion..Filters//alert(/Obfuscation/)-‘
XSS Attacks: Cross Site Scripting Exploits and Defense
The Browser Hacker’s Handbook
The Basics of Web Hacking: Tools and Techniques to Attack the Web
Web Penetration Testing with Kali Linux
Web Application Security, A Beginner’s Guide
Hacking: The Art of Exploitation
Crypto 101 is an introductory course on cryptography
Metasploit Unleashed
Security Engineering
OpenSSL Cookbook
Learn and apply cryptographic techniques.
A guide to the key concepts, terminology, and technologies of cybersecurity perfect for anyone planning or implementing a security strategy.
Kickstart a career in cyber security by learning how to adapt your existing technical and non-technical skills.
A book about cryptographic techniques and Secret Key methods.
This practical book is a one-stop guide to implementing a robust application security program.
Practical guide to cyber threat hunting.
Bug Bounty Bootcamp
Hacking APIs
A book about building web apps that are ready for and resilient to any attack.

For more information click here.

Varshini

Varshini is a Cyber Security expert in Threat Analysis, Vulnerability Assessment, and Research. Passionate about staying ahead of emerging Threats and Technologies.