Learning Resources

Hardening PHP through php.ini Configuration File –┬áReece Fowells Blog
Pentest Cheat Sheets – Pentest Monkey Same Origin Policy Explained – by Daniel Miessler
OWASP Testing Guide v4 Table of Contents – OWASP
Hacker101 Video Lessons – provided by Hackerone
Burp Testing Methodologies – Portswigger Web Security
Exploit Database by Offensive-Security – Database of known security exploits.
Bugcrowd University – Security, education, and training for bugbounties.

Bug Bounties

Hackerone – “More Fortune 500 and Forbes Global 1,000 companies trust HackerOne to test and secure the applications they depend on to run their business.”

Bugcrowd – “Bugcrowd is the #1 crowdsourced security platform. More enterprise organizations trust Bugcrowd to manage their bug bounty, vulnerability disclosure, and next-gen pen test programs.”

Google Vulnerability Reward Program – “We have long enjoyed a close relationship with the security research community. To honor all the cutting-edge external contributions that help us keep our users safe, we maintain a Vulnerability Reward Program for Google-owned web properties, running continuously since November 2010.”

Microsoft Bug Bounty Program“Through targeted and ongoing bounty programs, we acknowledge researchers by rewarding them with cash for submitting their findings to one of our eligible bounty programs.”