Security Training for Developers
Hack real, vulnerable web applications to learn how security exploits work.
Learn about all of the major vulnerabilities that threaten your stack.
SQL Injection
Cross-site Scripting
Command Execution
Clickjacking
Cross-site Request Forgery
Directory Traversal
Reflected XSS
DOM-based XSS
File Upload Vulnerabilities
Broken Access Control
Open Redirects
Unencrypted Communication
User Enumeration
Information Leakage
Password Mismanagement
Privilege Escalation
Session Fixation
Weak Session IDs
XML Bombs
XML External Entities
Denial of Service Attacks
Email Spoofing
Malvertising
Lax Security Settings
Toxic Dependencies
Logging and Monitoring
Buffer Overflows
Server-Side Request Forgery
Host Header Poisoning
Insecure Design
Mass Assignment
Prototype Pollution
Regex Injection
Remote Code Execution
Cross-Site Script Inclusion
Review concrete code samples illustrating the security flaws, and how to avoid them,
in the major programming languages.
Learn how prevalent, exploitable and dangerous each vulnerability is.
See why secure coding practices are important in every step of the
development cycle.
Test your knowledge as you learn by taking quizzes on each topic.
See it in action! Learn about...
SQL Injection
Command Execution
Directory Traversal