Here, I have a created curated list for learning and exploring the world of Pentesting. This is for everyone and anyone who need's a headsup, or wants to get more clearer on certain topics.
Also play CTF's as they allow you to utilize your hacking skills legally in a more controlled and protected environment.
Also, I highly recommend to start by reading a article asking a question: So you want to be a web security researcher?
Also, don't forget to check out my blog or say hi to me on my Twitter!
- TryHackMe
- Pentesterlab
- PortSwigger's Web Security Academy
- HackTheBox
- RootMe
- HackThisSite
- Hacker101
- PentesterAcademy
- The Offensive Labs
- Cybrary
- INE
- Damn Vulnerable Web Application
- Xtreme Vulnerable Web Application
- BWAPP
- OWASP JuiceShop
- OWASP WebGoat
- OWASP Attacks
- OWASP Vulnerabilities
- OWASP Vulnerable Web Application
- HackTricks
- Awesome Web Security
- Awesome Web Hacking
- #web-security
- Stanford Web Security
- James Kettle's hackxor
- Stanford Web Security
- LiveOverflow Web Hacking
- PwnFunction Web Security
- Hussen Nasser Web Security
- Computerphile
- List of all Important Video Resources for Web Application Testing
- Web Hacking 101
- Web Application Security, A Beginner's Guide
- The Web Application Hacker's Handbook
- The Book of Secret Knowledge