Hey 0x00ers,
Throughout all the posts I’ve lurked on, I’ve realised that a lot of people lack knowledge within the Web Security sector and they wouldn’t mind learning it - as it is pretty fun. Now, this thread will include a variety of different links, and it will be talking about Web Security from an attacker’s point of view and not a defender’s. I will supply you with all the materials I use that are really good to read and use. Of course, if you have any other materials then post below so that it makes it easier for other people to learn.
The first thing I did was look at what attack types there are within the Web Security sector, and the website I chose for this is https://www.owasp.org/index.php/Category:Attack purely because it’s one of the good ones out there, if not the best.
After I was familiar with certain attack types (such as XSS, CSRF, IDOR, SQLi, and more) I decided to download Burp Suite as it is a tool that has the ability to crawl for endpoints, allows you to send multiple requests to specific websites and endpoints, allows you to view the response in HTML format from that request, allows you to bruteforce simultaneously and so on. It’s the best tool that I have ever used and I wouldn’t hesitate to pay for the Pro version. However, I’m not attempting to write a review on Burp so let’s move on.
After I was familiar with attack types & the use of Burp I decided to participate in CTFs and hacking boxes and do web challenges that are on https://hackthebox.eu and CTFs like https://ctf.hacker101.com/ and https://picoctf.com.
After I played around with the boxes and challenges, I still wanted to learn more as the journey isn’t finished (p.s: and it never will be, for anyone). I decided to start reading writeups as a lot of people attack websites differently whether it’s the use of programs, methods or filtering. A good website for reading writeups is https://pentester.land/list-of-bug-bounty-writeups.html which includes a ton of them. Reading writeups is a thing that every pentester / bug bounty hunter should do as it lets you know about attacking an input field in ways you might’ve not known, or how to deal with a bit of filtering and such.
I’m for sure not a professional, but this was only a short guide to get people started off within the Web Security sector on the attacking side.
If you have anything to add, don’t hesitate to comment!