TL;DR

This page does NOT pretend to replace AWAE/OSWE content, this is a compilation of the best (public|my own) resources I have come up with.

AWAE LIST:

PERSONAL LIST:

  • Blind Time-Based & Boolean SQL Injection + Bypassing Character Restrictions

    • MySQL

    • PostgreSQL

  • Deserialization

    • PHP

    • Java

    • .NET

  • XSS

    • Reflected

    • Stored

    • Data Exfiltration

    • Filter Bypass

  • Loose Comparison

    • Type Juggling

      • Magic Hashes

  • REGEX

    • Filter Bypass

  • File Upload Restrictions Bypass

    • File Extension Filters Bypass

Great people I have learnt a ton from: @secgus, @julianjm, @cynops, @devploit, @oreos, @rmartinsanta.

Mentioned people: @Takito, ITasahobby.

(CTF) Platforms I have enjoyed (and I'm enjoying) the most.

Last updated