API Testing
Real Bugs - API Information Disclosure - A great discussion on the basics of API bugs by TCM. Heath also provides various additional resources to check out.
Learning Resources
Port Swigger's Academy
A free and very good resource on web application. Includes both tutorials, labs, and links to lab walkthroughs.
Hacker101
Provided as free training by the bug bounty platform HackerOne. Includes lessons and a CTF. If you are new to bug bounties this would be a great spot to start. The more CTF challenges you solve the more private invites you get.
Hackxor
An online web application hacking game. I prefer the other two resources but everyone learns differently. Try it to see if it jives with you and get some more hacking in.
Hacksplaining
Does a really good job at explaining web attacks. If you are struggling with a topic, check this site to see if they have a section on it.
A free and very good resource on web application. Includes both tutorials, labs, and links to lab walkthroughs.
Hacker101
Provided as free training by the bug bounty platform HackerOne. Includes lessons and a CTF. If you are new to bug bounties this would be a great spot to start. The more CTF challenges you solve the more private invites you get.
Hackxor
An online web application hacking game. I prefer the other two resources but everyone learns differently. Try it to see if it jives with you and get some more hacking in.
Hacksplaining
Does a really good job at explaining web attacks. If you are struggling with a topic, check this site to see if they have a section on it.