Interactive Learning

Pick a vulnerability to learn about

Filter:

Difficulty:

Beginner

15 min

SQL Injection

If you are vulnerable to SQL injection, attackers can run arbitrary commands against your database.

Beginner

12 min

Cross-Site Scripting

If your site allows users to add content, you need to be sure that attackers cannot inject malicious JavaScript.

Intermediate

18 min

Command Execution

If your application calls out to the OS, you need to be sure command strings are securely constructed.

Beginner

10 min

Clickjacking

As an application author, you need to be sure your users aren't having their clicks stolen by attackers.

Intermediate

16 min

Cross-Site Request Forgery

If an attacker can forge HTTP requests to your site, they may be able to trick your users into triggering unintended actions.

Beginner

14 min

Directory Traversal

Ensure file paths are safely interpreted, or hackers can access sensitive files on your server.

Intermediate

20 min

Broken Authentication

Weak authentication systems allow attackers to compromise passwords, keys, or session tokens.

Total Lessons

240+

Minutes of Content

Recommended Learning Path

New to web security? Follow our recommended path to build your knowledge systematically.

Start with Beginner lessons

Practice with Intermediate

Master Advanced topics