Martian Defense NoteBook
Application Security

Reliable Resources for AppSec

Getting Started

Component | Description
--- | ---
Back-end servers | The hardware and operating system that host every other component. Usually Linux or Windows, increasingly with the individual components packaged as containers.
Web servers | Accept HTTP connections and handle requests, serving static content directly and passing dynamic requests on to the application. Examples: Apache, NGINX, IIS.
Databases | Store and retrieve the web application's data. Relational examples: MySQL, MSSQL, Oracle, PostgreSQL. Non-relational (NoSQL) examples: MongoDB, Redis, CouchDB.
Development frameworks | The framework the core web application is written in. Common languages and the frameworks built on them: PHP (Laravel, Symfony), C# (ASP.NET), Java (Spring), Python (Django, Flask), JavaScript on Node.js (Express).

Field References

Mobile Application Testing Guides

OWASP MASVS - Mobile Application Security Verification Standard
OWASP MSTG - Mobile Application Security Testing Guide
OWASP MAS Checklist

iOS

iOS Testing Guide by Security Innovation

Android

Secure Coding Guide by JSSEC
Intro to Android Pentesting by HackTheBox

Top Programs

  1. Bugcrowd
  2. HackerOne
  3. Intigriti
  4. YesWeHack
  5. Synack, Inc.
  6. HackenProof | Web3 bug bounty platform
  7. Open Bug Bounty
  8. Immunefi
  9. Cobalt
  10. Zerocopter
  11. Yogosha
  12. SafeHats
  13. Vulnerability Research Labs, LLC
  14. AntiHACKme Pte Ltd
  15. RedStorm Information Security
  16. Cyber Army Indonesia
  17. Hacktrophy
  18. Nordic Defender
  19. Capture The Bug
  20. Bugbounter
  21. Detectify
  22. BugBase
  23. Code4rena
  24. huntr
  25. Pentabug

References

OWASP WSTG 4.2
Burp Suite: commercial web app testing tool
Awesome Application Security Checklist
OWASP Cheat Sheet Series
Awesome Web Hacking from @infoslack
Awesome Web Security
PortSwigger Web Security Academy Lab Files from @rkhal101
Hack-Tools Chrome Extension for Web Pentesting
OWASP Vulnerability Scanner Tool List
Awesome Hacking Resources

Resources

Damn Vulnerable PHP App
Vulnerable Java Application
OWASP Secrets Management focused vulnerable app
403 byebye
TCM Security PWST Lab Environment
Web Pentesting Checklist by Joas
Hetty tool
HBSQLi
Bug Hunter Handbook
Awesome Bug Bounty Resources
Awesome Bug Bounty Hunting Tool
All About Bug Bounty Note Repo
BugHunter Handbook
Bug Bounty Wiki
VulnPlanet - Vulnerable code snippets with fixes
SonarQube website and Git Repo
CodeCat - open-source tool to help find/track user input sinks and other security bugs
Betterscan
NIST SP 800-30
https://www.youtube.com/playlist?list=PLCVhBqLDKoOOZqKt74QI4pbDUnXSQo0nf

Testing Tools

OWASP API Security Top 10 Vulnerabilities
API Security Checklist
Keyhacks
Vulnerable API Instance by @raj-kumar-j
Hacking APIs book by Corey Ball
DVWS: Vulnerable application with web service and API
DVGA: Vulnerable GraphQL API application
API Workshop by Corey Ball
OWASP API Tool List
MindAPI - interactive mind map
GraphQL-cop
graphql voyager - converts the response of an introspection query into a visual graph of the schema
InQL - Burp extension that inspects introspection query results and generates clean documentation in different formats
JSON Web Token (JWT) Tool/Reference
SOAPUI
Postman
Kubeshark - API Traffic Viewer for Kubernetes
Metlo - API security tool
KiteRunner

Tools

Reconnaissance

Final Recon (Web Reconnaissance) from @thewhiteh4t
Sublist3r
patator
ffuf
wfuzz
xnLinkFinder
WebOSINT
All in One Recon Tool (AORT)
katana by ProjectDiscovery
Domain to IP converter (Python) by @YSSVirus
Cariddi by @edoardott

Directory Fuzzing

CeWL
fzf - use a shell alias that pipes the wordlist directories into fzf to quickly find installed wordlists
SecLists - various lists

SubDomain/DNS Enumeration

MayorSec DNS Scan
PureDNS
DNSrr
AquaTone
DNSReaper

Extensions and Plugins

HackTools Browser Extension Repo (easier install from the extension menu)
Penetration Testing Kit Browser Extension
Wappalyzer Browser Extension
Vulners Browser Extension

BurpSuite Plugins

Common

Awesome Burp Extensions
Burp Upload Scanner
Dorkish
Nuclei burp plugin (in BApp Store) - generate a nuclei template from Burp requests
HackBar Extension (in BApp Store) - security testing payloads
IP Rotate Burp Extension (in BApp Store)
Bypass-WAF (in BApp Store)
Autorize - automatic authorization enforcement detection
Hackvertor - handy type conversion
Sensitive Discoverer - discovers sensitive information inside HTTP messages
Nowafpls - bypass WAFs through the insertion of junk data

Additional Plugins

Burp Bounty – Profile-based scanner
Active Scan++ – Adds extra checks to Burp's active scanner
AuthMatrix – Authorization/privilege-escalation checks across a matrix of users and roles
Broken Link Hijacking – Finds broken external links an attacker could register (BLH)
Collaborator Everywhere – Injects Collaborator payloads into request headers to surface pingbacks/SSRF (Server-Side Request Forgery)
Command Injection Attacker
Content-Type Converter – Tries to bypass restrictions by converting the request body between Content-Types (e.g. JSON to form-encoded)
Decoder Improved – More decoder features
Freddy – Deserialization
Flow – Better HTTP history
HTTP Request Smuggler
Hunt – Flags parameters commonly associated with vulnerability classes
InQL – GraphQL introspection testing
J2EE Scan – Scanning J2EE apps
JSON/JS Beautifier
JSON Web Token Attacker
ParamMiner – Mine hidden parameters
Reflected File Download Checker
Reflected Parameter – Potential reflection
SAML Raider – SAML testing
Upload Scanner – File upload tester
Web Cache Deception Scanner

Detection and Evasions

wafw00f from @enableSecurity

JS, PHP, HTML Deobfuscation

Online Javascript Obfuscator
JavaScript Console (test JavaScript code execution)
Toptal JavaScript-Minifier
Beautifier
JSNice (JS de-obfuscator)
Prettier

Common Attacks

PortSwigger XSS Cheat Sheet
XSS Exploitation Tool
Tiny XSS Payloads
D4rkXSS
IbrahimXSS
sqlmap: an SQL injection and database takeover tool
SQL Injection Cheatsheet
Advanced SQL Injection Cheatsheet
Ghauri
Userefuzz - SQLi fuzzing tool
SQLi Knowledge Base
SQLRecon - C# recon and exploitation for MSSQL
PySQLRecon - Python recon and exploitation for MSSQL
LFI Tester

Advanced Attacks

Blind SSRF Chains repo
https://github.com/assetnote/surf
TPLMap (Automated Template Injection) from @epinna
SSTImap (Automated Template Injection) from @vladko312
CSS Button Generator
CSS Version 3 Button Generator
Clickjacker - online tool
Click-Jack - CLI tool
ysoserial for Java libraries
Java Deserialization CheatSheet
ysoserial for .NET libraries
PHP Generic Gadget Chains (PHPGGC) - AKA "ysoserial for PHP"
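The GraphQL entries above (graphql voyager, InQL) work from the result of an introspection query. The following is an added example, not code from this notebook or from either tool, that shows what that result looks like and how to turn it into readable documentation: unwrap the nested `__Type` references into SDL-style signatures, list the fields of every object type, and flag field names a tester should look at first. The introspection response embedded below is constructed for the example; a real one comes back from POSTing `INTROSPECTION_QUERY` to the target's GraphQL endpoint.

```python
"""Render a GraphQL introspection response as documentation (added example)."""
import json

# Minimal introspection query. includeDeprecated: true surfaces fields the
# developers hid from the docs but left in the schema.
INTROSPECTION_QUERY = """
query IntrospectionQuery {
  __schema {
    queryType { name }
    mutationType { name }
    types {
      kind name
      fields(includeDeprecated: true) {
        name isDeprecated
        args { name type { ...TypeRef } }
        type { ...TypeRef }
      }
    }
  }
}
fragment TypeRef on __Type {
  kind name ofType { kind name ofType { kind name ofType { kind name } } }
}
"""

# Constructed, abbreviated response to the query above (not from a real target).
INTROSPECTION_JSON = r'''{"data": {"__schema": {
  "queryType": {"name": "Query"}, "mutationType": {"name": "Mutation"},
  "types": [
    {"kind": "OBJECT", "name": "Query", "fields": [
      {"name": "user", "isDeprecated": false,
       "args": [{"name": "id", "type": {"kind": "NON_NULL", "name": null,
                 "ofType": {"kind": "SCALAR", "name": "ID", "ofType": null}}}],
       "type": {"kind": "OBJECT", "name": "User", "ofType": null}},
      {"name": "users", "isDeprecated": false, "args": [],
       "type": {"kind": "NON_NULL", "name": null, "ofType": {"kind": "LIST", "name": null,
                "ofType": {"kind": "NON_NULL", "name": null,
                           "ofType": {"kind": "OBJECT", "name": "User", "ofType": null}}}}}]},
    {"kind": "OBJECT", "name": "Mutation", "fields": [
      {"name": "resetPassword", "isDeprecated": false,
       "args": [{"name": "userId", "type": {"kind": "NON_NULL", "name": null,
                 "ofType": {"kind": "SCALAR", "name": "ID", "ofType": null}}},
                {"name": "newPassword", "type": {"kind": "NON_NULL", "name": null,
                 "ofType": {"kind": "SCALAR", "name": "String", "ofType": null}}}],
       "type": {"kind": "SCALAR", "name": "Boolean", "ofType": null}}]},
    {"kind": "OBJECT", "name": "User", "fields": [
      {"name": "id", "isDeprecated": false, "args": [],
       "type": {"kind": "NON_NULL", "name": null, "ofType": {"kind": "SCALAR", "name": "ID", "ofType": null}}},
      {"name": "email", "isDeprecated": false, "args": [],
       "type": {"kind": "SCALAR", "name": "String", "ofType": null}},
      {"name": "passwordHash", "isDeprecated": true, "args": [],
       "type": {"kind": "SCALAR", "name": "String", "ofType": null}}]},
    {"kind": "SCALAR", "name": "ID", "fields": null},
    {"kind": "SCALAR", "name": "String", "fields": null},
    {"kind": "SCALAR", "name": "Boolean", "fields": null},
    {"kind": "OBJECT", "name": "__Schema", "fields": [
      {"name": "types", "isDeprecated": false, "args": [],
       "type": {"kind": "LIST", "name": null, "ofType": {"kind": "OBJECT", "name": "__Type", "ofType": null}}}]}
  ]}}}'''

SAMPLE = json.loads(INTROSPECTION_JSON)

def type_ref(t):
    """Render a possibly wrapped __Type reference in SDL notation, e.g. [User!]!."""
    if t["kind"] == "NON_NULL":
        return type_ref(t["ofType"]) + "!"
    if t["kind"] == "LIST":
        return "[" + type_ref(t["ofType"]) + "]"
    return t["name"]

def field_signature(field):
    """name(arg: Type, ...): ReturnType, with a marker for deprecated fields."""
    args = field.get("args") or []
    arg_str = "(" + ", ".join(f"{a['name']}: {type_ref(a['type'])}" for a in args) + ")" if args else ""
    sig = f"{field['name']}{arg_str}: {type_ref(field['type'])}"
    return sig + " @deprecated" if field.get("isDeprecated") else sig

def document_schema(introspection):
    """Map each user-defined object type to its field signatures; skips the __-prefixed meta types."""
    docs = {}
    for t in introspection["data"]["__schema"]["types"]:
        if t["kind"] != "OBJECT" or t["name"].startswith("__"):
            continue
        docs[t["name"]] = [field_signature(f) for f in t.get("fields") or []]
    return docs

# Field-name fragments that usually deserve a manual look during an API test.
SENSITIVE = ("password", "token", "secret", "admin", "reset", "debug")

def interesting_fields(docs, keywords=SENSITIVE):
    """Return Type.field entries whose name contains one of the keywords."""
    hits = []
    for type_name, sigs in docs.items():
        for sig in sigs:
            field_name = sig.split("(")[0].split(":")[0]
            if any(k in field_name.lower() for k in keywords):
                hits.append(f"{type_name}.{field_name}")
    return hits

if __name__ == "__main__":
    docs = document_schema(SAMPLE)
    for type_name, sigs in docs.items():
        print(f"type {type_name} {{")
        for sig in sigs:
            print("  " + sig)
        print("}")
    print("worth a look:", interesting_fields(docs))
```

When introspection is disabled the same documentation can usually still be rebuilt from field suggestions in error messages, which is what the GraphQL-cop entry above probes for.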
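Autorize and AuthMatrix in the BurpSuite Plugins list above automate one check: replay every request captured with a privileged session using a lower-privileged session (and no session at all) and flag responses that come back unchanged. The script below is an added example of that heuristic, not code from either extension or from this notebook. It embeds a small demo application of its own (hypothetical, constructed for the example) with one admin endpoint that forgets its role check, runs the comparison against it on localhost, and reports per-endpoint verdicts.

```python
"""Autorize-style authorization enforcement check (added example)."""
import json
import threading
from http.server import BaseHTTPRequestHandler, HTTPServer
from urllib.error import HTTPError
from urllib.request import Request, urlopen

# Constructed demo target: two sessions, and /api/admin/export lacks a role check.
SESSIONS = {"admin-token": "admin", "user-token": "user"}

class DemoApp(BaseHTTPRequestHandler):
    def _send(self, code, body):
        data = json.dumps(body).encode()
        self.send_response(code)
        self.send_header("Content-Type", "application/json")
        self.send_header("Content-Length", str(len(data)))
        self.end_headers()
        self.wfile.write(data)

    def do_GET(self):
        role = SESSIONS.get(self.headers.get("X-Session", ""))
        if role is None:
            return self._send(401, {"error": "login required"})
        if self.path == "/api/me":
            return self._send(200, {"role": role})
        if self.path == "/api/admin/users":
            if role != "admin":
                return self._send(403, {"error": "forbidden"})
            return self._send(200, {"users": ["alice", "bob"]})
        if self.path == "/api/admin/export":   # broken access control: no role check
            return self._send(200, {"export": "all customer rows"})
        self._send(404, {"error": "not found"})

    def log_message(self, *args):  # keep the demo quiet
        pass

def start_demo_server():
    """Start the demo app on a random localhost port and return the server object."""
    srv = HTTPServer(("127.0.0.1", 0), DemoApp)
    threading.Thread(target=srv.serve_forever, daemon=True).start()
    return srv

def fetch(url, session=None):
    """GET url with the given session token (None = unauthenticated); return (status, body)."""
    headers = {"X-Session": session} if session else {}
    try:
        with urlopen(Request(url, headers=headers), timeout=5) as r:
            return r.status, r.read()
    except HTTPError as e:
        return e.code, e.read()

def check_authorization(base, paths, privileged, low_priv):
    """Replay each path with a low-privileged and an unauthenticated session.

    Verdicts per path: BYPASSED (identical response to the privileged one),
    enforced (401/403), review (2xx but a different body: needs a human look),
    or 'skipped' when the privileged request itself did not return 200.
    """
    results = {}
    for p in paths:
        ref_status, ref_body = fetch(base + p, privileged)
        if ref_status != 200:
            results[p] = "skipped"
            continue
        verdicts = {}
        for label, sess in (("low-priv", low_priv), ("unauth", None)):
            status, body = fetch(base + p, sess)
            if status == ref_status and body == ref_body:
                verdicts[label] = "BYPASSED"
            elif status in (401, 403):
                verdicts[label] = "enforced"
            else:
                verdicts[label] = "review"
        results[p] = verdicts
    return results

if __name__ == "__main__":
    srv = start_demo_server()
    base = "http://127.0.0.1:%d" % srv.server_address[1]
    report = check_authorization(base, ["/api/me", "/api/admin/users", "/api/admin/export"],
                                 privileged="admin-token", low_priv="user-token")
    for path, verdict in report.items():
        print(path, verdict)
    srv.shutdown()
```

The "review" class is the one the Burp extensions leave for you too: `/api/me` returns 200 to both users with different bodies, which is correct behaviour, so byte-identical comparison is the only signal that needs no manual confirmation.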
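The clickjacking entries under Advanced Attacks (CSS button generators, Clickjacker, Click-Jack) all answer the same two questions: do the response headers allow a cross-origin page to frame the target, and what does the overlay proof of concept look like? The code below is an added example, not code from those tools or from this notebook. It evaluates `Content-Security-Policy` `frame-ancestors` and `X-Frame-Options` the way a browser would (CSP wins when both are present; `ALLOW-FROM` is obsolete), with a simplified source-expression matcher that ignores ports, and builds the transparent-iframe PoC page. The attacker origin and the header sets are constructed for the example.

```python
"""Clickjacking protection check and PoC builder (added example)."""

def _get_headers(headers, name):
    """Case-insensitive lookup; a value may be a str or a list (repeated header)."""
    out = []
    for k, v in headers.items():
        if k.lower() == name:
            out.extend(v if isinstance(v, (list, tuple)) else [v])
    return out

def _frame_ancestors(policy):
    """Return the frame-ancestors source list from one CSP policy string, or None."""
    for directive in policy.split(";"):
        tokens = directive.split()
        if tokens and tokens[0].lower() == "frame-ancestors":
            return [t.lower() for t in tokens[1:]]
    return None

def _source_matches(source, origin):
    """Simplified CSP source-expression match: scheme, host, wildcard host (ports ignored)."""
    source, origin = source.lower(), origin.lower()
    if source == "*":
        return True
    scheme, _, host = origin.partition("://")
    host = host.split("/")[0]
    if source.endswith(":") and "://" not in source:        # scheme-source, e.g. https:
        return source[:-1] == scheme
    src_scheme, sep, src_host = source.partition("://")
    if not sep:
        src_scheme, src_host = "", source                     # host-source without scheme
    if src_scheme and src_scheme != scheme:
        return False
    if src_host.startswith("*."):
        return host.endswith(src_host[1:])
    return src_host == host

def _ancestors_allow(sources, attacker_origin):
    if not sources or sources == ["'none'"]:
        return False
    # 'self' is the target's own origin and never the attacker's page.
    return any(s != "'self'" and _source_matches(s, attacker_origin) for s in sources)

def clickjacking_verdict(headers, attacker_origin="https://attacker.example"):
    """Decide whether attacker_origin may frame a response carrying these headers."""
    policies = [_frame_ancestors(p) for p in _get_headers(headers, "content-security-policy")]
    policies = [p for p in policies if p is not None]
    if policies:
        # Every delivered policy must allow the ancestor; CSP overrides X-Frame-Options.
        allowed = all(_ancestors_allow(p, attacker_origin) for p in policies)
        return {"framable": allowed,
                "reason": "CSP frame-ancestors " + " | ".join(" ".join(p) for p in policies)}
    xfo = sorted({v.strip().upper() for v in _get_headers(headers, "x-frame-options")})
    if len(xfo) == 1 and xfo[0] in ("DENY", "SAMEORIGIN"):
        return {"framable": False, "reason": "X-Frame-Options " + xfo[0]}
    if len(xfo) == 1 and xfo[0].startswith("ALLOW-FROM"):
        return {"framable": True,
                "reason": "X-Frame-Options ALLOW-FROM is obsolete and ignored by current browsers"}
    if len(xfo) == 1:
        return {"framable": True, "reason": "invalid X-Frame-Options value is ignored: " + xfo[0]}
    if xfo:
        return {"framable": True, "reason": "conflicting X-Frame-Options values, verify in a browser: " + ", ".join(xfo)}
    return {"framable": True, "reason": "no frame-ancestors directive and no X-Frame-Options header"}

def build_poc(target_url, opacity=0.0):
    """Transparent-overlay PoC: a decoy button under an invisible iframe of the target."""
    return (
        "<!doctype html>\n<html><body>\n"
        "<h1>Click to claim your prize</h1>\n"
        '<button style="position:absolute;top:200px;left:120px">Claim</button>\n'
        f'<iframe src="{target_url}" style="position:absolute;top:0;left:0;'
        f'width:1000px;height:800px;opacity:{opacity};z-index:2"></iframe>\n'
        "</body></html>\n"
    )

if __name__ == "__main__":
    for hdrs in ({}, {"X-Frame-Options": "DENY"},
                 {"Content-Security-Policy": "frame-ancestors 'self' https://*.partner.example"}):
        print(hdrs, "->", clickjacking_verdict(hdrs))
    print(build_poc("https://target.example/account/delete"))
```

Run the check against the real response headers of the page that holds the sensitive action, not the site root: per-route middleware often sets the header on the landing page and forgets the settings or transfer pages. Set `opacity` to something like 0.3 while aligning the decoy button, then back to 0 for the report.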