TL;DR
This page does NOT pretend to replace AWAE/OSWE content, this is a compilation of the best (public|my own) resources I have come up with.
AWAE LIST:
PERSONAL LIST:
  • Blind Time-Based & Boolean SQL Injection + Bypassing Character Restrictions
    • MySQL
    • PostgreSQL
  • Deserialization
    • PHP
    • Java
    • .NET
  • XSS
    • Reflected
    • Stored
    • Data Exfiltration
    • Filter Bypass
  • Loose Comparison
    • Type Juggling
      • Magic Hashes
  • REGEX
    • Filter Bypass
  • File Upload Restrictions Bypass
    • File Extension Filters Bypass
Great people I have learnt a ton from: @secgus, @julianjm, @cynops, @devploit, @oreos, @rmartinsanta.
Mentioned people: @Takito, ITasahobby.
(CTF) Platforms I have enjoyed (and I'm enjoying) the most.
Websec
247CTF - The game never stops
247CTF
Web Security Academy: Free Online Training from PortSwigger
WebSecAcademy
Hacking Training For The Best
Hack The Box
Last modified 2yr ago
Copy link