Toolkit

• Attack platform (Kali, ParrotOS, etc)

• Automated tools (Burp Scanner, Dirbuster, Nikto, etc)

• Browser (Add-ons)

• Interception proxies (Burp or ZAP)

Metasploit

There are >150 entries that can be used against web server scanning, crawling, and querying:

• auxiliary/scanner/http/

• Basic Spiders: auxiliary/crawler/msfcrawler and auxiliary/scanner/http/crawler

• wmap (Web Scanning not updated since 2012)

• sqlmap

Guides

OWASP WSTG - Web Security Testing Guide: https://owasp.org/www-project-web-security-testing-guide/v41/

PortSwigger - Service-Side template Injection: https://portswigger.net/web-security/server-side-template-injection

WebApp Hacking: Web Application Technologies, Part 1 https://www.hackers-arise.com/post/2018/07/22/web-app-hacking-web-application-technologies-part-1

Training Resources

KONTRA - OWASP Top 10, free appsec training https://application.security/free-application-security-training

For Self Hosted Vulnerable Web Apps or Sites see: https://notes.defendergb.org/other-resources

Scripts

Haksecuritytxt https://github.com/hakluke/haksecuritytxt Takes a list of domains as the input, checks if they have a security.txt, outputs the results.

Wordlist

Full wordlist https://github.com/SilverPoision/a-full-list-of-wordlists/tree/master/Wordlists/burp_pack

Other Resources

Why Server-Side Input Validation Matters: https://soatok.blog/2020/04/27/why-server-side-input-validation-matters/amp/?__twitter_impression=true