Web Security :

Books:

• [The Web Application Hacker's Handbook Finding and Exploiting Security Flaws Kindle Edition by Dafydd Stuttard - 2011]([https://github.com/nairuzabulhul/E-Books/blob/master/Security/\[The](https://github.com/nairuzabulhul/E-Books/blob/master/Security/[The) Web Application Hacker's Handbook Finding and Exploiting Security Flaws Kindle Edition by Dafydd Stuttard - 2011].pdf)

  • Chapter 9 Notes for SQL

  • Chapter 12 Noted for XSS

#### Courses:

• [PTP NOTES](https://github.com/nairuzabulhul/RoadMap/tree/master/PTP/Web_Security\

• [General Notes from PTP](https://github.com/nairuzabulhul/RoadMap/blob/master/PTP/Web_Security/Web Security Notes.md\

• [SQL Notes:](https://github.com/nairuzabulhul/RoadMap/blob/master/PTP/Web_Security/SQL_NOTES.md\

• [XSS Notes:](https://github.com/nairuzabulhul/RoadMap/blob/master/PTP/Web_Security/XSS Notes.md\

• [Learning Website Pentesting from scratch by Zaid Sabih ](https://www.udemy.com/learn-website-hacking-penetration-testing-from-scratch/learn/v4/t/lecture/5878098?start=0\ __Udemy__ __Level: Beginners -- Intermediate__ <img src="https://s11.postimg.org/4xe7kokxf/star.pngg" width="10">

               <img src="https://s11.postimg.org/4xe7kokxf/star.pngg" width="10">
  
                <img src="https://s11.postimg.org/4xe7kokxf/star.pngg" width="10">
  
                <img src="https://s11.postimg.org/4xe7kokxf/star.pngg" width="10">
  
                <img src="https://s11.postimg.org/4xe7kokxf/star.pngg" width="10">
  

• [Web Application Penetration Testing with Burp Suite By Sunny Wear](https://www.pluralsight.com/courses/web-application-penetrationtesting-with-burp-suite\ __PluralSight__

• [CEH Web Security Section by ]()

• [SQL Injection by Tron Hunt](https://www.pluralsight.com/courses/ethical-hacking-sql-injection\ __PluralSight__

#### Hands-on:

• [Pentesterlab]()

• [Over The Wire - Natas](http://overthewire.org/wargames/natas/\

#### CheatSheet:

• [XSS Payloads](https://github.com/nairuzabulhul/RoadMap/blob/master/PTP/Web_Security/CheatSheets/XSS.md\

• [SQLInjections](https://github.com/nairuzabulhul/RoadMap/blob/master/PTP/Web_Security/CheatSheets/SQL.md\

• [Extra Resources: Shell Uploads ](http://www.securityidiots.com/Web-Pentest/hacking-website-by-shell-uploading.html\

• [Extra Resources: Shell uploads](https://xapax.gitbooks.io/security/content/bypass_image_upload.html\