Rat's methodology

Tools

Practical Demonstration - Main Web Application hacking

Broad scope methodology - Manual

Security zines: SOP

Uncle rat's mobile testing guide

API testing

WAF - Web application firewalls

Grand Ethical Hacking Course

Ethical hacking for devs, analysts and architects - A practical guide to building hacking and securing your application

OWASP courses

Pentesting assignment

EC-Council: JMeter

Protection mechanisms

Pentesting course

XSS Guide

Mini: XSS Learning path

CNWPP - Certified Network & Web app Pentesting Professional