AWAE - OSWE Preparation / Resources
  • TL;DR
  • General
    • Resources
      • BurpSuite
      • WhiteBox
    • POCs
      • Deserialization
        • PHP
        • Java
          • Ysoserial
      • SQL Injection
      • Type Juggling
      • CSRF
  • By Vulnerability
    • SQL Injection
      • Summary
      • Types
      • Injection by clause
      • Bypassing Character Restrictions
      • By Language
        • JAVA
          • Regex
          • Summary
      • Regex
      • Resources
    • Deserialization
      • By Language
        • PHP
          • Regex
          • Summary
          • Practice
        • JAVA
          • Regex
          • Summary
          • Practice
          • Resources
        • .NET
          • Regex
          • Summary
          • Resources
      • Resources
    • XSS
    • XXE
      • By Language
        • PHP
          • Practice
          • Resources
        • Java
          • Vulnerable Libraries' Implementation
      • Resources
    • SSTI
      • Summary
      • Practice
      • Resources
    • File Upload Restrictions Bypass
      • Tricks
      • File Extension Filters Bypass List
      • Resources
  • REGEX
  • By Language
    • PHP
      • Regex
      • Type Juggling
        • Summary
        • Practice
    • Java
      • Decompiling
      • Compiling & Running
    • NodeJS
      • Practice
  • Random
  • Other Repositories
Powered by GitBook
On this page

Was this helpful?

TL;DR

NextResources

Last updated 4 years ago

Was this helpful?

This page does NOT pretend to replace content, this is a compilation of the best (public|my own) resources I have come up with.

AWAE LIST:

PERSONAL LIST:

  • Blind Time-Based & Boolean SQL Injection + Bypassing Character Restrictions

    • MySQL

    • PostgreSQL

  • Deserialization

    • PHP

    • Java

    • .NET

  • XSS

    • Reflected

    • Stored

    • Data Exfiltration

    • Filter Bypass

  • Loose Comparison

    • Type Juggling

      • Magic Hashes

  • REGEX

    • Filter Bypass

  • File Upload Restrictions Bypass

    • File Extension Filters Bypass

(CTF) Platforms I have enjoyed (and I'm enjoying) the most.

Great people I have learnt a ton from: , , , , , .

Mentioned people: , .

@secgus
@julianjm
@cynops
@devploit
@oreos
@rmartinsanta
@Takito
ITasahobby
AWAE/OSWE
.NET Deserialization
Bypassing File Extension Filters
Magic Hashes
Cross-Site Request Forgery
Type Juggling
Bypassing File Upload Restrictions
Loose Comparisons
Bypassing Character Restrictions
Blind SQL Injection
Bypassing REGEX restrictions
Websec
247CTF - The game never stops247CTF
Logo
Web Security Academy: Free Online Training from PortSwiggerWebSecAcademy
Logo
Hacking Training For The BestHack The Box
Persistent Cross-Site Scripting
Session Hijacking
Data Exfiltration
Logo
Logo