Getting into web pentesting from scratch. What knowledge (technology) stack is needed for web pentesting? Can you share your story?
I have a plan to do the following, what do you think? Also, how early did you start doing things in practice?
- Learn Ethical Hacking From Scratch and Learn Python & Ethical Hacking From Scratch by Udemy
- Linux Review and Code Execution (Linux Host Review)
- HTTP +HTTP Server and Firewall+Linux Exploitation
- SQL injection & Local File Include
- FTP and Traffic analysis
- Nmap and crypto attacks
8)SSL Pinning and Linux Exploitation
Practice and tutorial:
- Web applications - HackWare.ru
- Bandit Wargame analysis of solutions How to quickly get the basic skills of using the Linux console?
- SQL Injection Challenge SQL injection challenge by BAY
- Google XSS Vulnerability Game -XSS game
- Penetration test lab
6)PentesterLab: Our exercises
- Challenges / Web - Server
- Challenges / Web - Client
(https://www.root-me.org/en/Challenges/Web-Client/) + CTF analysis. Web Missions with Root-Me, part # 26. (https://tgraph.io/CTF-Web-Zadaniya-s-Root-Me-chast-26-05-11)