XXE is an awesome web application attack vector. Here is a great recommended short course on the subject!
Category: Beginner Tips
The best list for API Offensive and Defensive Security!
A MUST have for anyone who is experienced or new to API/Web Application penetration testing.
The best list for Android Offensive and Defensive Security!
A MUST have for anyone who is experienced or new to Android penetration testing.