This repository contains list of web security related resources that you can use to gain new skills and extend knowledge
- Awesome web security lists
- Books
- Certifications
- Cheat sheets
- Learning Platforms
- OWASP Resources
- Tools
- awesome-web-security
- awesome-web-hacking
- awesome-bugbounty-writeups
- awesome-shodan-queries
- Awesome Asset Discovery
- static-analysis
- AWAE-Prep
- 31-day-of-api-security-tips
- XSS-payload-list
- awesome-security web part
- awesome-nodejs-security
- api-security-best-practises
- resources-for-beginner-bug-bounty-hackers
- awesome-ruby-security
- the-book-of-secret-knowledge
- awesome-osint
- my-arsenal-of-web-security-tools
- PayloadAllTheThings
- SecLists
- nginx-admins-handbook
- nodejs-best-practises
- HackTricks Web Pentesting
- pentest-tools
- Web Hacking 101
- The Web Application Hacker's Handbook
- Web Application Security: Exploitation and Countermeasures for Modern Web Applications
- Web Security For Developers: Real Threats, Practical Defense
- Real-World Bug Hunting: A Field Guide to Web Hacking
- Web Application Security, A Beginner's Guide
- OpenSSL Cookbook
- Metasploit Unleashed
- Crypto 101
- TryHackMe
- PentesterLab
- Web Security Academy
- INE
- Offensive Security
- HackTheBox
- RootMe
- HackThisSite
- Hack.me
- Hacker 101
- PentesterAcademy
- Cybrary
- SANS
- WSTG
- OWASP Top 10
- OWASP API Security Top 10
- Cheat Sheet Series
- OWASP-Testing-Checklist
- OWASP Projects list
- OWASP VWAD
- Security-Shepherd
- Juice Shop
- arachni
- Archery
- aws-enumerator
- beef
- brakeman
- Burp Suite
- cartography
- client-side-prototype-pollution
- csp-evaluator
- CyberChef
- dependency-track
- detect-secrets
- DOMPurify
- EyeWitness
- FinalRecon
- git leaks
- Hetty
- HostHunter
- HUNT
- JSShell
- jwt-tool
- jwtXploiter
- LeakLooker
- LinkFinder
- nikto
- nmap
- nosqlmap
- OWASP ZAP
- pentest-tools
- rapidscan
- S3Scanner
- semgrep
- SecretFinder
- Sn1per
- Snyk
- SonarQube
- SonarSearch
- sqlmap
- Sublist3r
- w3af
- wappalyzer
- Wfuzz
- WhatWaf
- XSStrike