Web hacking refers to the exploitation of applications via HTTP which can be done by manipulating the application via its graphical web interface, tampering with the Uniform Resource Identifier (URI), or tampering with HTTP elements not contained in the URI.
Basic Guide – https://github.com/infoslack/awesome-web-hacking
TruffleHog browser extension – https://github.com/trufflesecurity/Trufflehog-Chrome-Extension
Raider – https://github.com/DigeeX/raider
WARCannon – https://github.com/c6fc/warcannon
Scrapesy – https://pypi.org/project/scrapesy/
Intruder – https://www.intruder.io
Netsparker –https://www.netsparker.com/…/download-vulnerability…/
Nmap – https://nmap.org/download.html
Wireshark https://www.wireshark.org/download.html
Nessus – https://www.tenable.com/products/nessus
Burpsuite –https://portswigger.net/burp/communitydownload