
Application Security

Reliable Resources for AppSec

Getting Started

Component - Description
Back end Servers - The hardware and operating system that host every other component; usually Linux or Windows, increasingly packaged as containers.
Web Servers - Accept HTTP connections and route requests to the application. Examples: Apache, NGINX, IIS.
Databases - Store and retrieve the web application's data. Relational examples: MySQL, MSSQL, Oracle, PostgreSQL. Non-relational (NoSQL) examples: MongoDB, Redis.
Development Frameworks - Used to build the core web application. Common language/framework pairs: PHP (Laravel, Symfony), C# (ASP.NET), Java (Spring), Python (Django, Flask), and JavaScript on Node.js (Express).

Field References

General
Mobile
Security Research
Code Analysis
API
Threat Modeling

Mobile Application Testing Guides

OWASP MASVS -Mobile Application Security Verification Standard
OWASP MSTG - Mobile Application Security Testing Guide

iOS

iOS Testing Guide by Security Innovation

Android

Top Programs

  1. Bugcrowd
  2. HackerOne
  3. Intigriti
  4. YesWeHack
  5. Synack, Inc.
  6. HackenProof | Web3 bug bounty platform
  7. Open Bug Bounty
  8. Immunefi
  9. Cobalt
  10. Zerocopter
  11. Yogosha
  12. SafeHats
  13. Vulnerability Research Labs, LLC
  14. AntiHACKme Pte Ltd
  15. RedStorm Information Security
  16. Cyber Army Indonesia
  17. Hacktrophy
  18. Nordic Defender
  19. Capture The Bug
  20. Bugbounter
  21. Detectify
  22. BugBase
  23. Code4rena
  24. huntr
  25. Pentabug

References

Testing Tools

Tools
graphql voyager - converts a response of an introspection query into a visual graph that maps
InQL - can inspect the introspection query results and generate clean documentation in different formats (Burp Extension)
SOAPUI
Postman
Recon
Browser Add-ons
Burp Add-ons
WAF
Deobfuscation

Reconnaissance

Directory Fuzzing

CeWL - custom wordlist generator that spiders a target site and collects its words
fzf - fuzzy finder; alias it in the shell to pick an installed wordlist quickly
SecLists - collection of wordlists (directories, parameters, passwords, fuzzing payloads)

SubDomain/DNS Enumeration

PureDNS
DNSrr
AquaTone
DNSReaper

BurpSuite Plugins

Common
Nuclei burp plugin (in BApp store) - generate nuclei template from burp requests
HackBar Extension (in BApp store) - Security testing Payloads
IP Rotate Burp Extension (in BApp store)
Autorize - Automatic authorization enforcement detection
Hackvertor – Handy type conversion
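Autorize's approach is simple to reproduce outside Burp: take the proxy history recorded as a privileged user, replay each request with a low-privileged session cookie and with no cookie at all, and compare the responses. The script below is an added example of that loop and of the verdict logic, not Autorize's own code. The target is a constructed in-memory function standing in for a real `send()`; the two sessions, the orders, and the missing role check on `/api/admin/users` are assumptions for the demo, not findings against any product.

```python
# Constructed stand-in for the target application (assumption for the demo).
SESSIONS = {
    "admin-cookie": {"user": "alice", "role": "admin"},
    "user-cookie": {"user": "bob", "role": "user"},
}
ORDERS = {"1001": {"owner": "alice", "total": 99},
          "1002": {"owner": "bob", "total": 5}}


def fake_app(method, path, cookie):
    """Returns (status, body), as a real send() would after an HTTP round trip.
    /api/orders/<id> checks ownership; /api/admin/users forgets its role check."""
    session = SESSIONS.get(cookie)
    if session is None:
        return 401, "unauthenticated"
    if path.startswith("/api/orders/"):
        order = ORDERS.get(path.rsplit("/", 1)[1])
        if order is None:
            return 404, "not found"
        if order["owner"] != session["user"] and session["role"] != "admin":
            return 403, "forbidden"
        return 200, f"order total={order['total']}"
    if path == "/api/admin/users":   # missing role check: any session gets the list
        return 200, "alice,bob"
    return 404, "not found"


def verdict(high, low):
    """Autorize-style verdict for one replayed request.
    high/low are (status, body) from the privileged and the replayed session."""
    if high[0] >= 400:
        return "N/A"            # privileged user got an error too; nothing to compare
    if low[0] in (401, 403):
        return "Enforced"
    if low == high:
        return "Bypassed!"      # identical response without the privilege
    return "Is enforced???"     # 2xx but different body: needs manual review


def replay(requests, send, high_cookie, low_cookie):
    """Replay every (method, path) with the low-priv cookie and with no cookie."""
    rows = []
    for method, path in requests:
        high = send(method, path, high_cookie)
        low = send(method, path, low_cookie)
        anon = send(method, path, None)
        rows.append({"path": path,
                     "low": verdict(high, low),
                     "anon": verdict(high, anon)})
    return rows


def findings(rows):
    """Paths flagged as bypassed for either the low-priv or the anonymous replay."""
    return sorted(r["path"] for r in rows if "Bypassed!" in (r["low"], r["anon"]))


# Constructed proxy history recorded while browsing as the admin user.
PROXY_HISTORY = [
    ("GET", "/api/orders/1001"),
    ("GET", "/api/orders/1002"),
    ("GET", "/api/admin/users"),
    ("GET", "/api/nope"),
]

if __name__ == "__main__":
    rows = replay(PROXY_HISTORY, fake_app, "admin-cookie", "user-cookie")
    for r in rows:
        print(f"{r['path']:<22} low={r['low']:<16} anon={r['anon']}")
    print("triage these:", findings(rows))
```

Note the false positive the run produces: `/api/orders/1002` is reported as `Bypassed!` because the low-privileged user legitimately owns that order, so an identical response is correct behaviour. The same thing happens in Autorize, which is why its "Bypassed!" column is a triage queue rather than a list of bugs; record the privileged history only on resources the low-privileged user should not be able to see, or add an enforcement-detector pattern on the body, before trusting the verdicts.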

Additional Plugins

Burp Bounty – Profile-based scanner
Active Scan++ – Add more power to Burp’s Active Scanner
AuthMatrix – Authorization/PrivEsc checks
Broken Link Hijacking – For BLH (Broken Link Hijacking)
Collaborator Everywhere – Pingback/SSRF (Server-Side Request Forgery)
Command Injection Attacker
Content-Type Converter – Trying to bypass certain restrictions by changing Content-Type
Decoder Improved – More decoder features
Freddy – Deserialization
Flow – Better HTTP history
HTTP Request Smuggler
Hunt – Potential vuln identifier
InQL – GraphQL Introspection testing
J2EE Scan – Scanning J2EE apps
JSON/JS Beautifier
JSON Web Token Attacker
ParamMiner – Mine hidden parameters
Reflected File Download Checker
Reflected Parameter – Potential reflection
SAML Raider – SAML testing
Upload Scanner – File upload tester
Web Cache Deception Scanner

Detection and Evasions

JS, PHP, HTML Deobfuscation
JavaScript Console (test JavaScript code execution)
Beautifier (formatter/code editor for CSS, HTML and JS)
JSNice (JS de-obfuscator; renames minified identifiers and infers types)
Prettier (code formatter/code editor)

Common Attacks

XSS
LFI/RFI
SSRF
SSTI
  • TPLMap (Automated Template Injection) from @epinna
  • SSTImap (Automated Template Injection) from @vladko312
SQLi
Clickjacking

Advanced Attacks