This repository contains resources I consider useful for security research of web applications. The reason for making this repository is the following quote by James Kettle:
Every time you read a good quality blog post, read the entire archive.
Therefore if I find quality content from a security researcher I try to find additional sources from the same author. These sources will be added to this repository. The repository does not contain an index based on bug types as there is an excellent reference list made by ngalongc and also by the great yaworsk. It does contain a list of resources ordered both by type of medium and by security researcher. This repository will be in constant development. You are welcome to submit pull requests. I want to thank all security researchers for sharing quality content. It is incredibly helpful to find my way as a security researcher.