Main Resources

Each vulnerability group contains resources on the main explanation page as well as the further resources page.

This page contains the main resources for application security.

All learning materials | Web Security AcademyWebSecAcademy

OWASP Top Ten Web Application Security Risks | OWASP Foundationowasp.org

OWASP Web Security Testing Guide

WSTG - Latest | OWASP Foundationowasp.org

The OWASP Code Review Guide provides source code examples of each vulnerability and is a great learning resource and reference.

https://owasp.org/www-pdf-archive/OWASP_Code_Review_Guide_v2.pdfowasp.org

The OWASP Cheat Sheet contains examples and remediation for each vulnerability.

Introduction - OWASP Cheat Sheet Seriescheatsheetseries.owasp.org

Application Security Wikiappsecwiki.com

View hackerone reports on the hacktivity page. Use the search sidebar to search for specific vulnerabilities to read real world write-ups.

HackerOneHackerOne

GitHub - paragonie/awesome-appsec: A curated list of resources for learning about application securityGitHub

Hacktrickz is an amazing amalgamation of resources for pentesting and application security. Go to the web security section for web security.

2FA/MFA/OTP Bypass - HackTricksbook.hacktricks.xyz

This contains all the github awesome lists:

https://asmen.icopy.site/awesomeasmen.icopy.site