Instead of focus on vulnerability, try to understand the web application functionilities and features and then mapping with possible attack vectors. so that, you will yield more vulnerabilities compare than vulnerability focus approach.
Please use the below reference site for learning more about Web pentesting: - https://book.hacktricks.xyz/pentesting-web/web-vulnerabilities-methodologyarrow-up-right
Testing Checklist - https://alike-lantern-72d.notion.site/Web-Application-Penetration-Testing-Checklist-4792d95add7d4ffd85dd50a5f50659c6arrow-up-right
Reference Vulnerbility list:
Last updated 3 years ago
