Course

Web Application Hacking

OWASP Top 10, secure testing methodology, and defensive understanding of common web risks (injection, XSS, SSRF, LFI, auth/session, APIs) using a lab-first, responsible approach.

Upgrade to access

Lessons

Completed

Progress

Lessons

Fundamentals & Burp Suite

Lesson 01

Introduction to the OWASP Top 10

Free

Lesson 02

Burp Suite — Essentials

Pro

Injection Risks

Lesson 01

SQL Injection (Defensive Understanding)

Pro

Lesson 02

Advanced SQLi Signals — Blind & Out-of-Band (Defensive View)

Pro

Lesson 03

OS Command Injection (Defensive Understanding)

Pro

XSS & CSRF

Lesson 01

XSS — Reflected, Stored & DOM (Defensive View)

Pro

Lesson 02

CSRF & Clickjacking (Defensive View)

Pro

Inclusion & SSRF

Lesson 01

File Inclusion & Path Traversal (Defensive View)

Pro

Lesson 02

SSRF — Server-Side Request Forgery (Defensive View)

Pro

Auth, Sessions & APIs

Lesson 01

Authentication & Session Security (Defensive View)

Pro

Lesson 02

REST API Security (Defensive View)

Pro

Lesson 03

IDOR & Mass Assignment (Defensive View)

Pro

Members only

Upgrade to unlock every lesson in this module.

View pricing