Cyber security

Awesome Web Security – The Ultimate Guide To Mastering Techniques, Tools, And Resources

Needless to say, most websites suffer from various types of bugs which may eventually lead to vulnerabilities.

Why would this happen so often? There can be many factors involved including misconfiguration, shortage of engineers’ security skills, etc.

To combat this, here is a curated list of Web Security materials and resources for learning cutting edge penetration techniques, and I highly encourage you to read this article “So you want to be a web security researcher?” first.

Please read the contribution guidelines before contributing.

If you enjoy this awesome list and would like to support it, check out my Patreon page 🙂
Also, don’t forget to check out my repos or say hi on my Twitter!

Contents

  • Digests
  • Forums
  • Introduction
    • XSS
    • Prototype Pollution
    • CSV Injection
    • SQL Injection
    • Command Injection
    • ORM Injection
    • FTP Injection
    • XXE
    • CSRF
    • Clickjacking
    • SSRF
    • Web Cache Poisoning
    • Relative Path Overwrite
    • Open Redirect
    • SAML
    • Upload
    • Rails
    • AngularJS
    • ReactJS
    • SSL/TLS
    • Webmail
    • NFS
    • AWS
    • Azure
    • Fingerprint
    • Sub Domain Enumeration
    • Crypto
    • Web Shell
    • OSINT
    • DNS Rebinding
    • Deserialization
    • OAuth
    • JWT
  • Evasions
    • XXE
    • CSP
    • WAF
    • JSMVC
    • Authentication
  • Tricks
    • CSRF
    • Clickjacking
    • Remote Code Execution
    • XSS
    • SQL Injection
    • NoSQL Injection
    • FTP Injection
    • XXE
    • SSRF
    • Web Cache Poisoning
    • Header Injection
    • URL
    • Deserialization
    • OAuth
    • Others
  • Browser Exploitation
  • PoCs
    • Database
  • Cheetsheets
  • Tools
    • Auditing
    • Command Injection
    • Reconnaissance
      • OSINT
      • Sub Domain Enumeration
    • Code Generating
    • Fuzzing
    • Scanning
    • Penetration Testing
    • Leaking
    • Offensive
      • XSS
      • SQL Injection
      • Template Injection
      • XXE
      • CSRF
      • SSRF
    • Detecting
    • Preventing
    • Proxy
    • Webshell
    • Disassembler
    • Decompiler
    • DNS Rebinding
    • Others
  • Social Engineering Database
  • Blogs
  • Twitter Users
  • Practices
    • Application
    • AWS
    • XSS
    • ModSecurity / OWASP ModSecurity Core Rule Set
  • Community
  • Miscellaneous

Digests

Tamil S

Tamil has a great interest in the fields of Cyber Security, OSINT, and CTF projects. Currently, he is deeply involved in researching and publishing various security tools with Kali Linux Tutorials, which is quite fascinating.

Leave a Comment
Share
Published by
Tamil S
Tags: Awesome Web Securitycybersecurityinformationsecuritykalilinuxkalilinuxtools
2 months ago

Recent Posts

Moriarty Project Remastered V4.1.2 – A Comprehensive Guide To Advanced Phone Number Investigation

Moriarty Project is a powerful web based phone number investigation tool. It has 6 features…

7 hours ago

Exif Looter – A Comprehensive Guide To Managing Image Metadata

"Exif Looter" is a powerful tool designed for the extraction and management of metadata from…

7 hours ago

Ngoto – A Tool For Python Developers

"Ngoto" is an innovative Python tool designed to enhance coding efficiency through the integration of…

7 hours ago

OSINT – Comprehensive Toolkit With Docker To Enhance Your Cyber Security Using Vault Security’s Image

Open Source Intelligence (OSINT) involves gathering and analyzing publicly available information for security purposes. Vault…

7 hours ago

GHunt – Mastering Google With Advanced OSINT Techniques

GHunt v2 is a sophisticated offensive Google framework tailored for OSINT tasks and more. With…

7 hours ago

Facebook Friend List Scraper – A Powerful OSINT Tool For Efficient Data Collection

OSINT tool to scrape names and usernames from large friend lists on Facebook, without being…

1 day ago