Rana Khalil – Web Security Academy Series

Learn how to hack web applications, automate your exploits in python and defend web applications against real world attacks! For each vulnerability type, we dive into the technical details and then gain hands-on experience by solving labs that model real-world vulnerabilities.


Syllabus:

Introduction
Getting Help
Lab Environment Setup
SQL Injection
Authentication Vulnerabilities
Directory Traversal
OS Command Injection
Business Logic Vulnerabilities
Information Disclosure
Access Control Vulnerabilities
File Upload Vulnerabilities
Server-Side Request Forgery (SSRF)
XXE Injection
Cross-Site Scripting (XSS)
Cross-Site Request Forgery (CSRF)
Cross-origin Resource Sharing (CORS)
Clickjacking
DOM-based Vulnerabilities
WebSockets Vulnerabilities
JWT Attacks
HTTP Host Header Attacks
OAuth 2.0 Vulnerabilities