git404hub

what is awesome-web-hacking fr?

infoslack/awesome-web-hacking — explained in plain English

Analysis updated 2026-06-24

6,823Audience · developerComplexity · 1/5Setup · easy

tl;dr

A curated collection of web application security learning resources including books, tools, practice labs, courses, and OWASP documentation for beginners through experienced practitioners.

vibe map

mindmap
  root((repo))
    Learning Resources
      Books
      Online Courses
    Tools
      Scanners
      Proxy Tools
    Practice Labs
      Vulnerable Apps
      Docker Images
    Standards
      OWASP
      Cheat Sheets
    Community
      Pull Requests
      Contributions

Code map

Detail Auto

An interactive map of this repo's files and how they connect — its source is parsed live in your browser. Click Visualize to build it.

filefunction / class

what do people make with this?

VIBE 1

Find books and courses to learn web application penetration testing from scratch.

VIBE 2

Discover open-source security scanning and proxy tools for testing web apps.

VIBE 3

Practice attack and defense techniques in legal vulnerable lab environments.

VIBE 4

Look up OWASP standards and cheat sheets while preparing for a security assessment.

how it stacks up fr

infoslack/awesome-web-hackinggurupreet/composecookbooksebastianbergmann/exporter
Stars6,8236,8236,823
LanguageKotlinPHP
Setup difficultyeasyeasyeasy
Complexity1/52/52/5
Audiencedeveloperdeveloperdeveloper

Figures from each repo's GitHub metadata at analysis time.

how do i run it?

Difficulty · easy time til it works · 5min
No license information provided in the explanation.

in plain english

This repository is a curated list of resources for anyone who wants to learn about web application security. It covers a broad range of material from introductory to advanced, organized into sections including books, documentation, tools, cheat sheets, practice labs, online courses, and Docker images set up for security testing work. The books section includes titles on SQL injection, cross-site scripting, penetration testing with specific tools, and general web application security for beginners through experienced practitioners. The documentation section links to standards and frameworks including OWASP, the Open Web Application Security Project, which publishes widely referenced guidance on application security risks and defenses. The tools section lists both free open-source tools and commercial options used in penetration testing and vulnerability scanning. These include scanners that probe web servers for known weaknesses, proxy tools that intercept and manipulate browser traffic, frameworks for running structured attack tests, and tools targeting specific platforms such as WordPress. Many of the linked tools are actively maintained separate projects. The labs and online hacking demonstration sites section points to intentionally vulnerable applications you can practice against legally. These are environments built to be broken into as a way of learning attack techniques and how defenses work. The list is community-maintained, meaning anyone can submit a pull request to add a new resource. There is no code in this repository, the entire content is links and brief descriptions. It is primarily aimed at people starting out in security or looking to fill gaps in a specific topic area, rather than at experienced professionals who would already know most of the listed resources.

prompts (copy fr)

prompt 1
I want to learn web application security testing. Based on the awesome-web-hacking list, give me a 4-week study plan starting with beginner books and ending with hands-on lab practice.
prompt 2
I need to set up a web security testing environment. List the open-source proxy and scanning tools from awesome-web-hacking and explain what each one does in plain English.
prompt 3
I want to practice SQL injection and XSS safely. Which intentionally vulnerable apps from the awesome-web-hacking list should I start with and why?
prompt 4
Explain OWASP and why it matters for web security, then name the top 5 risks a beginner should understand first.

Frequently asked questions

what is awesome-web-hacking fr?

A curated collection of web application security learning resources including books, tools, practice labs, courses, and OWASP documentation for beginners through experienced practitioners.

What license does awesome-web-hacking use?

No license information provided in the explanation.

How hard is awesome-web-hacking to set up?

Setup difficulty is rated easy, with roughly 5min to a first successful run.

Who is awesome-web-hacking for?

Mainly developer.

peek the repo → explain another one

This repo across BitVibe Labs

double-check against the repo, no cap.