Researcher Resources - Tutorials

This is a list of tutorial resources that can be helpful to security researchers that want to learn more about web and mobile application hacking. Please let us know if you have any suggestions for resources that we should add to this post!

Web applications:

XSS

  • A comprehensive tutorial on cross-site scripting - link
  • Favorite XSS Filters/IDS and how to attack them - pdf link
  • Introduction to cross-site scripting - link
  • Avoiding XSS Detection - link

CSRF

  • Finding and Preventing CSRF - pdf link
  • How to exploit CSRF Vulnerabilities - link

SQL Injection

  • Introduction to SQL Injection - link
  • Introduction to MySQL Injection - link
  • Full MSSQL Injection PWNage - link
  • Everything you wanted to know about SQL injection - link

Remote Code/Command Execution

  • How to find RCE in scripts (with examples) - link
  • Yahoo LFI Converted to RCE - link
  • Remote Code Execution in Elasticsearch - CVE-2015-1427 - link

XXE

  • Generic XXE Detection - link
  • XML Out-Of-Band Data Retrieval - pdf link
  • SSRF vs. Business-critical applications: XXE tunneling in SAP - pdf link
  • What you didn’t know about XXE - pdf link

Other:

  • SSRF Attacks - slideshare link
  • Cross Site Port Attacks - link
  • Hunting for Top Bounties - YouTube link
  • How to steal and modify data using Business Logic flaws - slideshare link
  • Exploiting CVE-2011-2461 on google.com - link
  • PentesterLab - link - PentesterLab provides vulnerable systems that can be used to test and understand vulnerabilities. (thanks @n0x00)
  • InjectX to find XSS - link - thanks @1N3
  • Attacking Ruby on Rails Applications - link

Mobile Applications:

Android

  • Debugging Java Applications Using JDB - link
  • Hacking Android Apps Using Backup Techniques - link

iOS

  • Setting Up a Mobile Pentesting Platform - link
  • iOS Application Security - link

22 Likes

These are pretty good:

PentesterLab is an easy and great way to learn penetration testing.
PentesterLab provides vulnerable systems that can be used to test and understand vulnerabilities.

https://pentesterlab.com/exercises/

6 Likes

Thanks @n0x00! Updated the list :smile:

2 Likes

Here’s a new class from Rensselaer Polytechnic Institute: Modern Binary Exploitation - CSCI 4968

3 Likes

A great resource for toy environments to aggressively evaluate - https://www.vulnhub.com

3 Likes

@joernchen wrote a guide & introduction to Attacking Ruby on Rails applications. Very useful!

1 Like

Hacksplaining is a great site for beginners and goes into each kind of attack and how they are executed https://www.hacksplaining.com/

3 Likes

Here is another great blog

1 Like

I compiled a comprehensive list of deliberately vulnerable websites a while ago so that hackers can practice their skills whilst staying on the right side of the law:

https://www.bonkersabouttech.com/security/40-plus-list-of-intentionally-vulnerable-websites-to-practice-your-hacking-skills/392

1 Like

You can learn about scripting and SQL injection on this blog too, anonhack.in

Hi Samhouton,
All these links are very useful for me to find new and potential vulnerabilities on websites.
But can you define logic vulnerabilities and IDOR here?
Thanks
Muhammad Fauzan

Anyone have recommendations of resources that explain internet fundamentals?

I’m learning this from scratch and have been getting stuck on basic acronyms, vocabulary, and fundamentals that I don’t know yet. Anyone know anything that can help build a foundation?

Thank you