cyber-security
dark-web
linux-security
ssl-tls
cyber-security#SQL injection
focus: web application and deployment security
Web application security - Wikiwand
Category:Web security exploits - Wikiwand
Have I been pwned? Check if your email has been compromised in a data breach
Top 10 Web Hacking Techniques of 2015 | WhiteHat Security Blog
10 Web Security Vulnerabilities: Misconfiguration and More | Toptal
Logjam, Part 1: Why the Internet is Broken Again (an Explainer) | Electronic Frontier Foundation
paragonie/awesome-appsec: A curated list of resources for learning about application security
Single Page Web App Security Cheat Sheet
Rana Khalil - YouTube
Free Web Hacking Course - YouTube 1:08:03, Broken Access Control
Web Security Academy: Free Online Training from PortSwigger
The Art of Identifying Vulnerabilities - CascadiaFest 2015
How I find bugs in Web Applications | The ^lift Security Blog
Miscellaneous notes on obscure front-end security topics | Litten's blog
7 Steps to Secure JavaScript in 2021 | by Viduni Wickramarachchi | May, 2021 | Bits and Pieces
JavaScript Security Issues and Best Practices | by Mahdhi Rezvi | Bits and Pieces
The protocol-relative URL - Paul Irish
Identity eats security: How identity management is driving security | CSO Online detect intrusion beyond authentication
In Search for a Perfect Access Control System | Teleport
How to Secure Your React.js Application
Courses/Videos
APIsec University - Become an API Security Expert
Web Security Academy: Free Online Training from PortSwigger
Vickie Li's Security Blog
Vickie Li Dev - YouTube
Attacking Web Applications - YouTube
Defending Web Applications - YouTube
Frontend Security - Frontend Conf 2013, Zürich - YouTube
HTML5DevConf May2014: Mark Stuart, PayPal: Web Security in Node.js and JavaScript Apps (SPAs) - YouTube
Web Security @ SFHTML5 - YouTube
Tools
SecurityWizardry.com - Directory
14 best open-source web application vulnerability scanners [updated for 2020] | Infosec
Error | Infosec
Burp Suite - Application Security Testing Software - PortSwigger
Download Burp Suite Community Edition - PortSwigger
Burp for Beginners: Introduction to Burp - YouTube
OWASP Zed Attack Proxy Project - OWASP
zaproxy/zaproxy: The OWASP ZAP core project
swatv3nub/IronWASP
IronWASP: An introduction | Infosec
sullo/nikto: Nikto web server scanner
Web Server Scanning With Nikto – A Beginner's Guide
Wapiti : a Free and Open-Source web-application vulnerability scanner in Python CMS
wapiti-scanner/wapiti: Web vulnerability scanner written in Python3
chaitin/xray: A comprehensive security assessment tool that supports scanning for common web security issues and custom PoCs | Be sure to read the documentation before use
chaitin/xapp
chaitin/xpoc: A fast emergency response tool designed for supply chain vulnerability scanning [rapid response] [vulnerability scanning] [port scanning] [xray 2.0 in progress]
chaitin/xray-plugins
BeEF - The Browser Exploitation Framework Project
beefproject/beef: The Browser Exploitation Framework Project
How to Use the BeEF Hacking Tool (2024)
i HACKED my wife’s web browser (it’s SCARY easy!!) - YouTube NetworkChuck
How to use BeEF, the Browser Exploitation Framework | TechTarget
How to use BeEF, the Browser Exploitation Framework - YouTube
andresriancho/w3af: w3af: web application attack and audit framework, the open source web vulnerability scanner. 😴inactive, last update 2020
Welcome to w3af’s documentation — w3af - Web application attack and audit framework 2019.1.2 documentation
amoldp/Grabber-Security-and-Vulnerability-Analysis- 😴inactive, last update 2015
SecurityWizardry.com - Grabber
killvxk/Yuki-Chan-The-Auto-Pentest-1: Automate Pentest Tool 😴inactive, last update 2012, CMS
Yuki Chan - Automated Penetration Testing and Auditing Tool in Kali Linux - GeeksforGeeks
skipfish - Google Code Archive - Long-term storage for Google Code Project Hosting. 😴inactive, last update 2012
Skipfish - Penetration Testing tool in Kali Linux - GeeksforGeeks
ratproxy - Google Code Archive - Long-term storage for Google Code Project Hosting. 😴inactive, last update 2009
Commercial
Codename SCNR – Ecsypno
brochure.pdf
scnr/installer: Installation script for Codename SCNR.
Introduction - Codename SCNR Documentation
Arachni / SCNR — Web Application Security Scanner Framework | by Arman Dwi Jatmiko | Medium
Codename RKN – Ecsypno
codename-rkn/installer: Installation script for Codename RKN.
Introduction - Codename RKN
Qualys Web Application Scanning | Qualys
How It Works | Web Application and API Security | Invicti
Add True IAST to DAST to Scale Your Security | Invicti
Crawl Where Other Vulnerability Scanners Can’t | Invicti
OWASP
The Open Web Application Security Project (OWASP) OWASP_SCP_Quick_Reference_Guide_v2.pdf
OWASP on GitHub
HTML5 Security · OWASP Cheat Sheet Series
OWASP Dependency Check - OWASP
Continuous Security Using OWASP - DZone Security
OWASP Web Security Testing Guide | OWASP Foundation
wstg/document at master · OWASP/wstg
OAuth 2.0 Hacking for Beginners with Farah Hawa - YouTube
Web Application Firewalls (WAFs)
Web application firewall - Wikiwand
Bypassing WAF Technologies. In recent years, the use of Web… | by Yealvare | Oct, 2024 | Medium
Vulnerable Environments/Target machines
snoopysecurity/dvws-node: Damn Vulnerable Web Services is a vulnerable application with a web service and an API that can be used to learn about webservices/API related vulnerabilities. Node.js, Expressjs, XML_RPC, and Graphql
appsecco/dvna: Damn Vulnerable NodeJS Application Node.js API, 😴inactive, last update 2017
Aif4thah/VulnerableLightApp: Vulnerable API for educational purposes dotnet
Home of Acunetix Art
OWASP VulnerableApp | OWASP Foundation
SasanLabs/VulnerableApp: OWASP VulnerableApp Project: For Security Enthusiasts by Security Enthusiasts. Java REST API
OWASP Mutillidae II | OWASP Foundation
webpwnized/mutillidae: OWASP Mutillidae II is a free, open-source, deliberately vulnerable web application providing a target for web-security training. This is an easy-to-use web hacking environment designed for labs, security enthusiasts, classrooms, CTF, and vulnerability assessment tool targets.
webpwnized/mutillidae-dockerhub: OWASP Mutillidae II is a free, open-source, deliberately vulnerable web application providing a target for web-security enthusiasts.
Using Mutillidae II - YouTube
OWASP Juice Shop | OWASP Foundation
OWASP Juice Shop
juice-shop/juice-shop: OWASP Juice Shop: Probably the most modern and sophisticated insecure web application
Pwning OWASP Juice Shop
juice-shop/SOLUTIONS.md at master · juice-shop/juice-shop
How to hack OWASP Juice Shop - A Guided Walkthrough showing all Solutions - YouTube
OWASP WebGoat | OWASP Foundation
WebGoat/WebGoat: WebGoat is a deliberately insecure application
Client XSS Introduction - DomGoat
Hackazon Installation Guide | AppSpider Documentation
rapid7/hackazon: A modern vulnerable web app
Newlode/hackazon: rapid7/hackazon vulnerable website in Docker container
cmutzel/all-in-one-hackazon: Run a docker container include hackazon, apache, and mysql
snoopysecurity/dvws: Damn Vulnerable Web Services is an insecure web application with multiple vulnerable web service components that can be used to learn real world web service vulnerabilities. NOTE: This project is out of date, please use https://github.com/snoopysecurity/dvws-node PHP
digininja/DVWA: Damn Vulnerable Web Application (DVWA) PHP
bWAPP, a buggy web application! PHP
ITSEC Games
Session Fixation
SRI
Subresource Integrity - Web security | MDN
integrity hash for loaded resources (scripts, stylesheets)
CSP
limits which script sources are trusted; mitigates XSS
Content-Security-Policy Header ⟶ CSP Reference & Examples
Content Security Policy (CSP) - HTTP | MDN
Content security policy | Web Security Academy
Using Content Security Policy (CSP) to Secure Web Applications
Enhance JavaScript Security with Content Security Policies | by Ashan Fernando | Bits and Pieces
Bypassing CSP with dangling iframes | PortSwigger Research
SSRF
Server-side request forgery - Wikiwand
What is SSRF (Server-side request forgery)? Tutorial & Examples | Web Security Academy
CORS/SOP
Cross Origin Resource Sharing
Same Origin Policy
Cross-origin resource sharing - Wikiwand
Cross-Origin Resource Sharing (CORS) - HTTP | MDN
enable cross-origin resource sharing
Cross-Origin Resource Sharing (CORS) | Articles | web.dev
Why you need "cross-origin isolated" for powerful features | Articles | web.dev
Getting CORS Working
Understanding CORS and cross-origin cookies | by Sharad Jain | Medium
authentication - Set cookies for cross origin requests - Stack Overflow
HTML5 Security Cheat Sheet - OWASP
XSRF/CSRF/CSURF
Cross-site request forgery - Wikiwand
What is CSRF (Cross-site request forgery)? Tutorial & Examples | Web Security Academy
Bypassing CSRF Protections: A Double Defeat of the Double-Submit Cookie Pattern
Cross-Site Request Forgery is dead!
CSRF Is Dead, Long Live SameSite=Lax! (or is it?) – Stephen's Thoughts
Let's talk about CSRF
Cross Site Request Forgery vs Server Side Request Forgery Explained - YouTube
Cross-Site Request Forgery (CSRF) Explained - YouTube
These are vulnerabilities that exploit the trust a site places in the user's browser. A malicious script initiates a request from the user's browser to the target site, and the browser automatically attaches that site's cookies. The attack usually involves a form submission or a crafted URL.
The same-origin policy (SOP) only blocks reading the response; it does not stop the request from being sent, so it does not prevent CSRF.
The counter-measures are to:
- create synchronizer tokens (`csrftoken`) unique to each submitted form
- use AJAX (protected by SOP and CORS) with a cookie-to-header token
XSS
Cross-site scripting - Wikiwand
What is cross-site scripting (XSS) and how to prevent it? | Web Security Academy
Cross Site Scripting Prevention - OWASP Cheat Sheet Series
XSS Filter Evasion - OWASP Cheat Sheet Series
Excess XSS: A comprehensive tutorial on cross-site scripting
What is cross-site scripting (XSS) and how to prevent it? | Web Security Academy
What is cross-site scripting (XSS) and how to prevent it? | Web Security Academy
DOM clobbering | Web Security Academy
Your API-Centric Web App Is Probably Not Safe Against XSS and CSRF
trufflesecurity/xsshunter
Truffle Security relaunches XSS Hunter tool with new features | The Daily Swig
These are vulnerabilities that exploit trust in user input: the app renders or executes it without validation or escaping.
The attack usually involves running a malicious script in the context of the target site, reusing the user's session and accessing the target site's cookies.
Discovering and analysing an XSS in Tui Editor | 离别歌
// these event handlers fire as soon as the markup is assigned to `innerHTML`,
// with no user interaction, which is why `innerHTML` must never receive unsanitized input
const root = document.createElement("div");
// the image fails to load, so `onerror` runs immediately
root.innerHTML = "<img src=1 onerror=alert(1)>";
// the `open` attribute toggles the element on insertion, so `ontoggle` runs immediately
root.innerHTML = "<details open ontoggle=alert(1)>";
Sanitizer
If markup is allowed, sanitize user input before saving it to the database
cure53/DOMPurify: DOMPurify - a DOM-only, super-fast, uber-tolerant XSS sanitizer for HTML, MathML and SVG. DOMPurify works with a secure default, but offers a lot of configurability and hooks. Demo:
sanitize-html-react - npm
Node.js
Node Security Project
The ^lift Security Blog Newsletter
Unapply attack | Better world by better software
When This is Really That | The ^lift Security Blog
Node.js application (in)security - Ilja van Sprundel - OWASP AppSec California 2015 - YouTube
Helmet for express app
NodeJS Security Headers: 101 | Hacker Noon
Vulnerable Dependencies
npm audit
Retire.js
Dependency management + Code analytics for Node.js projects
Fingerprinting
How websites take browser fingerprints | Kaspersky official blog
Fighting TLS fingerprinting with Node.js | HTTP Toolkit
Researchers use GPU fingerprinting to track users online
CSS Security Vulnerabilities | CSS-Tricks - CSS-Tricks
CSS-Based Fingerprinting | CSS-Tricks - CSS-Tricks
What Is Browser Fingerprinting and How Does It Work? | SEON
FingerprintJS Open Source Demo
The device intelligence platform | Fingerprint
Demo: Disabling JavaScript Won’t Save You from Fingerprinting
The Top Browser Fingerprinting Techniques Explained - Fingerprint
How Does Canvas Fingerprinting Work - Fingerprint
Canvas Fingerprinting - BrowserLeaks
How the Web Audio API is used for audio fingerprinting