Links
- https://github.com/OWASP/wstg
- https://www.cyberark.com/resources/threat-research-blog/racing-and-fuzzing-http-3-open-sourcing-quicdraw
- https://portswigger.net/research/websocket-turbo-intruder-unearthing-the-websocket-goldmine
- https://portswigger.net/research/cookie-chaos-how-to-bypass-host-and-secure-cookie-prefixes
- https://portswigger.net/research/top-10-web-hacking-techniques-of-2024
- https://portswigger.net/research/articles
- https://redsiege.com/blog/2025/11/bypass-mode-taking-down-ssl-pinning-in-web-apps/
- https://redsiege.com/blog/2025/11/content-security-policy-the-web-testers-headache/
- https://dominicbreuker.com/encoders/
- https://github.com/maycon/TRECO
- https://www.invicti.com/learn/json-injection
- https://bishopfox.com/blog/json-interoperability-vulnerabilities