HackPath
BBoooottccaammppNEWCCoouurrsseessRRooaaddmmaappPPrraaccttiicceePPrriicciinngg
← BACK

COURSE

Web Application Hacking

OWASP Top 10, secure testing methodology, and defensive understanding of common web risks (injection, XSS, SSRF, LFI, auth/session, APIs) using a lab-first, responsible approach.

FREE_PREVIEW.EXE

1 free lesson to get started, then 11 premium lessons with exercises, scenarios, and solutions.

Start free lessonUnlock full access
LESSONS.EXE

12

LESSONS
COMPLETED.EXE

0

COMPLETED
PROGRESS.EXE

0%

PROGRESS

LESSONS

FUNDAMENTALS & BURP SUITE

LESSON 01

Introduction to the OWASP Top 10

Free

LESSON 02

Burp Suite — Essentials

Members only

UNLOCK
INJECTION RISKS

LESSON 01

SQL Injection (Defensive Understanding)

Members only

UNLOCK

LESSON 02

Advanced SQLi Signals — Blind & Out-of-Band (Defensive View)

Members only

UNLOCK

LESSON 03

OS Command Injection (Defensive Understanding)

Members only

UNLOCK
XSS & CSRF

LESSON 01

XSS — Reflected, Stored & DOM (Defensive View)

Members only

UNLOCK

LESSON 02

CSRF & Clickjacking (Defensive View)

Members only

UNLOCK
INCLUSION & SSRF

LESSON 01

File Inclusion & Path Traversal (Defensive View)

Members only

UNLOCK

LESSON 02

SSRF — Server-Side Request Forgery (Defensive View)

Members only

UNLOCK
AUTH, SESSIONS & APIS

LESSON 01

Authentication & Session Security (Defensive View)

Members only

UNLOCK

LESSON 02

REST API Security (Defensive View)

Members only

UNLOCK

LESSON 03

IDOR & Mass Assignment (Defensive View)

Members only

UNLOCK