Ask HN: What's the best resource to learn web-app pentesting?

3 points by saasly ↗ HN

3 comments

[ 3.2 ms ] story [ 20.8 ms ] thread
(comment deleted)
Can't really go wrong with https://portswigger.net/web-security , which is a spiritual successor to the Web Application Hacker's handbook 2nd edition. If you want more practice, take a look at things like TryHackMe and HackTheBox, both of which have plenty of web-focused modules to work through as well.
Thoughts on Offensive Security's course/content?