**
Note** - Some of the links may become unavailable (returning a 404 error) in the future. If you come across any broken links, please help us by reporting them in the issue section or submitting a Pull Request to suggest a replacement.
Content List:
Phase 1 – History
Phase 2 – Web and Server Technology
Phase 5 – Understanding and exploiting OWASP top 10 vulnerabilities
Phase 6 – Session management testing
Phase 7 – Bypassing client-side controls
Phase 8 – Attacking authentication/login
Phase 9 - Attacking access controls (IDOR, Priv esc, hidden files and directories)
Phase 10 – Attacking Input validations (All injections, XSS and mics)
Phase 11 – Generating and testing error codes
Phase 12 – Weak cryptography testing
Phase 13 – Business logic vulnerability