Port Swigger
Web Security Academy Series
GitHub Repo Click Here
This is a forked repo of rkhal101's original Web Security Academy Series.
In this version, many of the Python scripts have been refactored as well as expanding many of the notes and adding extra resources. Think of it being to PortSwigger WebAcademy what SwissKeyRepo is to Web App Pentesting payloads - A one stop shop for everything you need, built on the FOSS Philosophy.
To view the commit history and changes, click --> Here.
Feel free to suggest any imporvements, submit a pull request, etc, and share with anyone who might find this useful. Colaboration and suggestions for improvement is always welcomed. Click here to vist PortSwigger's Learning Path
How to use this repo ?
- Bookmark this page and use it as a jumping off point for the Learning Path.
- Right-click open in new tab, any of the links on this README.
- Think of it as a point of reference as you go through the labs.
- Open and explore any of the directories for notes, scripts and resources for any of the challenges.
Web Academy videos: walkthrough & explanations.
- Rana Khalil's Web Security Academy Series
- Michael Sommer
- My Featured videos on YouTube
- ! More video links at the bottom of this README !
Useful resources. I recommend bookmarking for quick access & reference.
- Swisskyrepo Payloads All The Things
- Hack Tricks: Web App hacking methodology
- Hack Tricks API Pentesting
- API Key Hacks: Checking the validity of some API keys discoverd on Bug Bounties
- Graudit - Source Code Review cmd line tool
- A collection of tools and resources I put together
- Supplemental resources: Notes, tips, payloads & more
People, researchers and organizations
- James Kettle
- Gareth Heys
- Port Swigger Research
- Secure Ideas
- Jason Haddix - The Bug Hunter's Methodology
- INTIGRITI
Preparing for the Certification:
- Links to the Individual Practioner-Level Labs
- Certification prepare Step 1: practitioner-level labs
- Certification prepare Step 2: core web security testing skills