🕸️Web Applications

Web Penetration Testing Methodologies

• OWASP WSTG

  • OWASP WSTG Checklists

  • WSTG Checklist.MD

  • WSTG Checklist.xlsx

• OWASP Top 10

• OWASP CheatSheets

• CWE List

• CVSS v3 Calculator

• Mitre ATT&CK matrix

Learning Resources

1. https://portswigger.net/web-security

2. https://book.hacktricks.xyz/network-services-pentesting/pentesting-web

3. https://book.hacktricks.xyz/network-services-pentesting/pentesting-web/web-api-pentesting

4. https://book.hacktricks.xyz/pentesting-web/web-vulnerabilities-methodology