Researcher Resources - Getting Started


#1

This is a list of resources that can be helpful to researchers that are just getting started, or those that want to improve some core aspects of their research and reporting. Please let us know if you have any suggestions for resources that we should add to this post!

General Reading:

Web Application:

Mobile Application:

Books:

Pentesting:

Web:

@maK - Full of good tips and covers a lot more than just web-related security, so this recommendation is possibly aimed at those who are more advanced than beginner. Requires a programming background really.”

Mobile:


Introductions - Meet your fellow Bugcrowd members
Introductions - Meet your fellow Bugcrowd members
#3

The Grey Hat Hackers Handbook - 4th Edition is great and covers lots of things well.

Full of good tips and covers a lot more than just web-related security, so this recommendation is possibly aimed at those who are more advanced than beginner. Requires a programming background really.


#4

Thanks, @maK! I’ve added it :smile:


#5

A post was split to a new topic: Help with Setting up proxy


#6

A post was split to a new topic: Help getting started


#7

Hi,

I created a free Burp Suite video tutorial. I think it is perfect for people starting web hacking, or just need a good intercepting proxy. You can find it here:

http://hackademy.aetherlab.net

Best,
Geri


#8

Is there any Free Books, or Free Tutorials for the new Ones Like me. To learn New Stuffs of Bug Crowd.
Please share me some Links


#9

Hi Mohammed - this page should be helpful to you:


#10

Thanks for your Help Samhouston


#11

Hey I’m new to basically everything when it comes to hacking.Is It possible to go from no computer experience to a professional hacker? Right now I’m studying python and I intend to get the books mentioned above. Thx for any help.


#12

Yes it is, just don’t get discouraged when you hit rough spots, like anything else set realistic goals for yourself. A good starting point is the OWASP Testing guide https://www.owasp.org/index.php/OWASP_Testing_Guide_v4_Table_of_Contents and the OWASP Broken Web Apps virtual machine https://www.owasp.org/index.php/OWASP_Broken_Web_Applications_Project


#13

Hi Gerion, if possible please provide tutorials for thick client application security testing