Hardening PHP through php.ini Configuration File – Reece Fowells Blog
Pentest Cheat Sheets – Pentest Monkey Same Origin Policy Explained – by Daniel Miessler
OWASP Testing Guide v4 Table of Contents – OWASP
Hacker101 Video Lessons – provided by Hackerone
Burp Testing Methodologies – Portswigger Web Security
Exploit Database by Offensive-Security – Database of known security exploits.
Bugcrowd University – Security, education, and training for bugbounties.
Hackerone – “More Fortune 500 and Forbes Global 1,000 companies trust HackerOne to test and secure the applications they depend on to run their business.”
Bugcrowd – “Bugcrowd is the #1 crowdsourced security platform. More enterprise organizations trust Bugcrowd to manage their bug bounty, vulnerability disclosure, and next-gen pen test programs.”
Google Vulnerability Reward Program – “We have long enjoyed a close relationship with the security research community. To honor all the cutting-edge external contributions that help us keep our users safe, we maintain a Vulnerability Reward Program for Google-owned web properties, running continuously since November 2010.”
Microsoft Bug Bounty Program – “Through targeted and ongoing bounty programs, we acknowledge researchers by rewarding them with cash for submitting their findings to one of our eligible bounty programs.”