Collection of free books, papers and articles related to CTF challenges.
How To Get Started In CTF
CTFtime
Hack.lu (2014) Writeups
- OWASP - XSS
- OWASP - XSS Filter Evasion Cheat Sheet
- DOM Clobbering
- HTML Markup Injection
- Testing For Reflected XSS
- Testing For Stored XSS
- Testing For DOM-based XSS
- OWASP - SQLi
- Testing For SQL Injections
- SQL Backdoors
- Bypassing Modern SQL Injection Security Measures
- 9.6 Comment Syntax
- Cheat Sheets
- [video] Advanced SQL Injection
- [video] Defcon 18 - You Spent All That Money And You Still Got Owned
- w3af - Web Application Attack and Audit Framework (Windows/Linux)
- Firefox - Addon Pack (Web Pen Testing)