AppSecExplained
  • Index < START HERE
    • My courses
    • How to get started from zero
  • 📽️Live Stream Content
    • Resource of the week
  • Discovery / Recon
    • Methodology
    • Content discovery / recon
      • Subdomains
      • Endpoints
      • Parameters
      • Spidering
  • Common vulns
    • SQL injection overview
      • Detection
      • Blind SQLi
      • Second-order SQLi
      • SQLi lab setup & writeups
    • NoSQL injection
    • JavaScript injection (XSS)
      • XSS Methodology
    • File Inclusion
      • Local file inclusion
        • Directory traversal
    • Command injection
    • XXE (XML external entity) injection
      • Blind XXE
    • Template injection
      • Server-side template injection
      • Client-side template injection
    • Authentication
      • Attacking password-based authentication
      • Attacking MFA
      • Authentication lab setup & writeups
    • Cross-Site Request Forgery (CSRF)
    • Insecure deserialization
      • PHP
      • Java
      • Python
      • .NET
    • Server-side request forgery (SSRF)
    • Insecure file upload
    • Clickjacking
    • Open redirect
    • Vulnerable components
    • Race conditions
      • Limit overrun
    • Prototype pollution
      • Client-side prototype pollution
    • APIs
      • API: BOLA
      • API: Broken authentication
      • BOPLA
      • API: BFLA
  • Bypassing controls
    • Rate limiting
    • WAF Bypasses
  • Scripts
    • Docker-compose.yml files
      • Wordpress
      • SQLi testing labs
    • PHP scripts
      • RCE Function Check
    • Wordlists
      • Single characters
      • SQLi
  • Code review
    • Getting started
    • Sinks
  • Links worth your time
    • Practical API Hacking
    • Rana Khalil's Web Security Academy Course
    • Portswigger's Web Security Academy
    • TCM Security Discord
    • PentesterLand Writeups
Powered by GitBook
On this page
  • Live Streams
  • FAQ & Links
  • How do I start Pentesting?
  • How do I become a SOC Analyst?
  • Will AI replace cybersecurity jobs?
  • How do I join the TCM discord?

Was this helpful?

Live Stream Content

PreviousHow to get started from zeroNextResource of the week

Last updated 5 months ago

Was this helpful?

Live Streams

Every Wednesday at 12:00 ET on The Cyber Mentor YouTube Channel.

FAQ & Links

How do I start Pentesting?

How do I become a SOC Analyst?

Will AI replace cybersecurity jobs?

  • Nope

How do I join the TCM discord?

Ethical Hacking in 15 Hours (FREE)

TCM courses

Portswigger Web Security Academy (FREE)

TryHackMe learning paths

Watch this video guide

Go to

📽️
https://www.youtube.com/watch?v=3FNYvj2U0HM
https://academy.tcm-sec.com/
https://portswigger.net/web-security/dashboard
https://tryhackme.com/
https://www.youtube.com/watch?v=OXzDbxphBuA
https://discord.gg/tcm
LogoThe Cyber MentorYouTube