Hey! I’ve been working in penetration testing for some time now, and during that time i’ve come across alot of fantastic resources for learning and developing as a pentester. This section will be dedicated to learning resources, writeups of non-hackthebox challenges, and any other resources i find particularly useful.
If you haven’t already, please read Web for pentester 1 - Setting Up
This guide will walk you through the Pentesterlabs - Web for pentester 1 XSS challenges.
The XSS challenge consists of 9 different tests, increasing in difficulty level as you progress.
Each level employs new filtering and protection techniques, so it is imperative that you learn to adapt your XSS payloads to the target.
Now if you’re ready to get started, let’s get into it.
This series of writeups is going to take you through the “web for pentester” series by pentesterlabs.
Pentesterlabs is a fantastic learning resource to teach you pentesting from the ground up, starting with basic exercises such as Cross Site Scripting (XSS) and SQL injection, and later moving to more complicated topics, dealing with authentication, and specific CVEs.