AppSecExplained
Resource of the week


Last updated 1 year ago


What is resource of the week?

Every week we look to find an underrated resource and share it with the community. If you have something you want to share, drop it into the TCM Discord #tuesday-stream-questions channel.

Feb 27th 2024

When you find yourself inside a Docker container and really want to escape.

  • Deepce

Feb 20th 2024

This list refreshes every 5 mins, so you can be the first to a target, increase your chances of success and reduce duplicates.

  • Bug Bounty Radar

Feb 13th 2024

  • My box recommendations thanks to icanhaspii (Discord)

  • rs0n_live

Feb 6th 2024

Critical Thinking - Bug Bounty Podcast.

A great podcast with entertaining and knowledgeable hosts and guests. New episodes weekly!

  • Bug bounty

  • AppSec

  • Video podcast

Jan 30th 2024

Rana Khalil YouTube & Academy

If you want to learn about web app pentesting then this is a golden resource.

  • AppSec

Jan 23rd 2024

Mary Ellen Kennel's blog on everything DFIR!

  • Building a lab

  • DFIR

  • Blue team

  • Leadership

  • A lot more...

  • TCM Discord #tuesday-stream-questions
  • https://github.com/stealthcopter/deepce
  • https://bbradar.io/
  • https://bit.ly/AlexFaves
  • https://www.youtube.com/@rs0n_live
  • Critical Thinking - Bug Bounty Podcast (YouTube)
  • Rana Khalil (YouTube)
  • Web Security Academy Series Course
  • DFIRLinks