Security-Research-Tutorials

Personal collection of tutorial resources that can be helpful in my quest to security research and web application hacking. Credit to BugCroud, most resources were from thier blog posts. Please let me know if you have any suggestions for resources that i should add to this list.

##Web applications:

XSS

• Tutorial on cross-site scripting A comprehensive tutorial on cross-site scripting
• Attacks using XSS Filters/IDS Favorite XSS Filters/IDS and how to attack them- PDF
• XSS Introduction Introduction to cross-site scripting Google

### CSRF

• Cross-Site Request Forgery Finding and Preventing CSRF- PDF
• [Exploiting CSRF Vulnerabilities] (http://tipstrickshack.blogspot.jp/2012/10/how-to-exploit-csfr-vulnerabilitycsrf.html) How to exploit CSRF Vulnerabilities

### SQL Injection

• SQL InjectionIntroduction to SQL Injection
• [MSSQL Injection PWNage] (https://www.exploit-db.com/papers/12975/)Full MSSQL Injection PWNage
• [Everything SQL injection] (http://www.troyhunt.com/2013/07/everything-you-wanted-to-know-about-sql.html)Everything you wanted to know about SQL injection

### Remote Code/Command Execution

• [Finding RCE] (http://exploit-db.com/papers/12885/)How to find RCE in scripts with examples
• [Yahoo LFI Converted to RCE] (https://soroush.secproject.com/blog/2013/10/yahoo-bug-bounty-program-lfi-reported-and-patched/) Yahoo LFI Converted to RCE
• [Remote Code Execution in Elasticsearch] (http://jordan-wright.com/blog/2015/03/08/elasticsearch-rce-vulnerability-cve-2015-1427/) Remote Code Execution in Elasticsearch - CVE-2015-1427

### XXE

• XXE Detection Generic XXE Detection
• [XML Out-Of-Band Data Retrieval] (https://media.blackhat.com/eu-13/briefings/Osipov/bh-eu-13-XML-data-osipov-slides.pdf)
• SSRF vs XXE tunneling in SAP SSRF vs. Business-critical applications: XXE tunneling in SAP
• About XXE What you don't know about XXE

### Other:

• SSRF Attacks
• [How to steal and modify data using Business Logic flaws] (https://www.youtube.com/watch?v=mQjTgDuLsp4)
• [Exploiting CVE-2011-2461 on google.com] (http://blog.mindedsecurity.com/2015/03/exploiting-cve-2011-2461-on-googlecom.html)
• InjectX to find XSS

### Mobile Applications: #### Android

• Debugging Java Applications Debugging Java Applications Using JDB and how to use CMD
• Hacking Android Apps Hacking Android Apps Using Backup Techniques

### iOS

• [Setting Up a Mobile Pentesting Platform]
• [iOS Application Security]

###Tutorials * [PentesterLab - PentesterLab provides vulnerable systems that can be used to test and understand vulnerabilities] * [Exploit Database](https://www.exploit-db.com/papers/)Papers on Newly Updated Exploits * [Hunting for Top Bounties] * ###Tools * [Burp Suite](https://portswigger.net/burp/) An integrated platform for performing security testing of web applications * [SQL Map](http://sqlmap.org/) An open source penetration tool that automates the process of detecting and exploiting SQL injection flaws and taing over of database servers [Tutorial] (http://www.binarytides.com/sqlmap-hacking-tutorial/) * [SQL Ninja] (http://sqlninja.sourceforge.net/) Sqlninja is a tool targeted to exploit SQL Injection vulnerabilities on a web application that uses Microsoft SQL Server as its back-end [How To] (http://www.jedge.com/wordpress/sqlninja-sql-injection/) * [Hack Bar](https://addons.mozilla.org/en-us/firefox/addon/hackbar/)This Firefox toolbar will help you in testing sql injections, XSS holes and site security. * [Knock](https://github.com/guelfoweb/knock ) Enumerates subdomains on a target domain through a wordlist [How To] (http://www.securitytube.net/video/6549) * [The ZED Attack Proxy ZAP] (https://www.owasp.org/index.php/OWASP_Zed_Attack_Proxy_Project) * [Ratproxy by Google ] (https://code.google.com/p/ratproxy/) [How To](http://www.daveperrett.com/articles/2010/09/24/security-testing-with-googles-ratproxy/) * [OWASP SKANDA Exploitation Framework] (http://www.chmag.in/owasp-skanda-ssrf-exploitation-framework/) * [man ascii] (unixhelp.ed.ac.uk/CGI/man-cgi?ascii+7) On most unices gives you the ASCII table with decimal, octal and hex codes for each character * [DNS Discovery](https://github.com/m0nad/DNS-Discovery) A multithreaded subdomain bruteforcer. * [Iron WASP](https://ironwasp.org/) free & open source security scanner * [WebSlayer](www.edge-security.com/webslayer.php) One of the best free tools available" ###Video Channels *[hacktivity](https://www.youtube.com/channel/UC71Pa-YHA32hYPKTRjZgbXw)