Researcher Resources - Tutorials

samhouston · May 23, 2016, 8:21pm

This is a list of tutorial resources that can be helpful to security researchers that want to learn more about web and mobile application hacking. Please let us know if you have any suggestions for resources that we should add to this post!

Web applications:

XSS

A comprehensive tutorial on cross-site scripting - link
Favorite XSS Filters/IDS and how to attack them - pdf link
Introduction to cross-site scripting - link
Avoiding XSS Detection - link

CSRF

Finding and Preventing CSRF - pdf link
How to exploit CSRF Vulnerabilities - link

SQL Injection

Introduction to SQL Injection - link
Introduction to MySQL Injection - link
Full MSSQL Injection PWNage - link
Everything you wanted to know about SQL injection - link

Remote Code/Command Execution

How to find RCE in scripts (with examples)- link
Yahoo LFI Converted to RCE - link
Remote Code Execution in Elasticsearch - CVE-2015-1427 - link

XXE

Generic XXE Detection - link
XML Out-Of-Band Data Retrieval - pdf link
SSRF vs. Business-critical applications: XXE tunneling in SAP - pdf
link
What you didn’t know about XXE - pdf link

Other:

SSRF Attacks - slideshare link
Cross Site Port Attacks - link
Hunting for Top Bounties - YouTube link
How to steal and modify data using Business Logic flaws - slideshare
link
Exploiting CVE-2011-2461 on google.com - link
PentesterLab - link - PentesterLab provides vulnerable systems that can be used to test and understand vulnerabilities. (thanks @n0x00)
InjectX to find XSS - link - thanks @1N3
Attacking Ruby on Rails Applications - link

Mobile Applications:

Android

Debugging Java Applications Using JDB - link
Hacking Android Apps Using Backup Techniques - link

iOS

Setting Up a Mobile Pentesting Platform - link
iOS Application Security - link

n0x00 · June 1, 2015, 12:21pm

These are pretty good :

PentesterLab is an easy and great way to learn penetration testing.
PentesterLab provides vulnerable systems that can be used to test and understand vulnerabilities.

https://pentesterlab.com/exercises/

samhouston · June 1, 2015, 4:54pm

Thanks @n0x00! Updated the list

jeremiah · June 22, 2015, 4:45pm

Here’s a new class from Rensselaer Polytechnic Institute: Modern Binary Exploitation - CSCI 4968

pwn · July 11, 2015, 2:58am

A great resource for toy environments to aggressively evaluate - https://www.vulnhub.com

samhouston · May 10, 2016, 10:57pm

@joernchen wrote a guide & introduction to Attacking Ruby on Rails applications. Very useful!

Digitalsec4u · November 10, 2016, 2:40pm

Hacksplaining is a great site for beginners and goes into each kind of attack and how they are executed https://www.hacksplaining.com/

Imran_Nazir · October 1, 2017, 6:51pm

here is an another great Blog
http://www.anonzhub.blogspot.com

BazEdwards · March 13, 2018, 9:47pm

I compiled a comprehensive list of deliberately vulnerable websites a while ago so that hackers can practice their skills whilst staying on the right side of the law:

https://www.bonkersabouttech.com/security/40-plus-list-of-intentionally-vulnerable-websites-to-practice-your-hacking-skills/392

jg2711 · June 14, 2019, 5:49am

You can learn about scripting and SQL injection on this Blog too,anonhack.in

fozi_6044 · September 11, 2019, 6:39pm

hi Samhouton
These all links are very useful for me to find new and potential vulnerabilities on a websites.
But can u defin here logic vulnerabilities and IDOR ?
Thanks
Muhammad Fauzan

Cogniscient · December 4, 2019, 10:21am

SAP B1, unlike other ERP systems, comes with a dedicated MRP system. This means that SAP Business One has a module for each and everything that a job shop needs to do. Moreover, it allows your business to become faster, more agile, operate smoothly, and bring in profits.

HE5150 · March 26, 2020, 6:25am

Anyone have recommendations of resources that explain internet fundamentals?

I’m learning this from scratch and have been getting stuck on basic acronyms, vocabulary, and fundamentals that I don’t know yet. Anyone know anything that can help build a foundation?

Thank you

SilverStr · April 10, 2020, 12:31am

I have found that PortSwigger’s Web Security Academy a great resource to learn and hone your skills on, at least for web app pentesting.

Another great resource is the OWASP JuiceShop. Make sure you read the corresponding solution guide, as it helps to explain the thought process behind each attack.

Once you have completed all the challenges from these two resources you have a pretty well rounded understanding of how to break all the things.

This is the way. HTH.

AalapSec · April 28, 2020, 7:56pm

I would be thankful if you tell prerequisite (according to your experience) for PentesterLab.
Thank you

Abartan · April 29, 2020, 1:09am

All I can say is enthusiasm. No pre-requisite. Patience and enthusiasm is all you need.
It starts from Unix badge where it teaches basics of some linux and some misconfigurations and stuffs. then moves towards other challenges.

0xatul · April 29, 2020, 5:23pm

yes, pentesterlab is a really good resource

misteranon · May 13, 2020, 11:59pm

yeah i too find i helpful thankyou .

godzkidhacker · June 5, 2020, 1:22pm

Are you the guy who :
Want to earn money.
You do not care about your age.
You are smart.
You are hard working.
You like hacking.

Then this channel is for you :

Subscribe it only original content no shitty videos no indirect talking only about ethical hacking and bug bounty

Please subscribe i am just doing it for humanity

Uday463 · July 8, 2020, 10:58pm

This might help you or your friends to learn 100+ security issues easily and get a job and I am uploading daily 2 videos. 100+ unique security test cases learning and 100+ ways of ethical web hacking in just 2 months without any preskills.