Topic | Resource(s) (You can click on them) | Description |
---|---|---|
General | the slides. | General overview of all topics within the domain of web |
HTTP | MDN. | Learn about HTTP Basics |
Input Vulnerabilities | HackTricks.xyz | Learn more about input validation, relating to SQL Injections, XSS, Command Injection, etc. |
Recon(naissance) | HackTricks.xyz. | Learn how to find vulnerabilities |
Path traversal | PortSwigger | Path traversal |
Command injection | CTF 101, github.com/swisskyrepo/PayloadsAllTheThings | Learn about HTTP Basics |
Linux Shell Characters | docstore.mik.ua | An extensive list of special Linux shell characters and operations, although the basic ;cmd, $(cmd) and `cmd` can get you quite far. |
SQL injection | this PortSwigger cheatsheet, or HackTricks.xyz | SQL Injection |
XSS | OWASP for more info on CSRF generally, and for CTF related info see HackTricks.xyz. | Learn about HTTP Basics |
SSRF | PortSwigger | Server Side Request Forgery |
Broken authentication | PortSwigger | Broken authentication |