Web Security Academy

Learning path

Here's how to get the most out of the Web Security Academy:

It can be challenging to start if you’re new to web security. This suggested learning path was developed by us as a way to guide you in the appropriate direction because of this. Although we advise doing the labs as you go, if you find yourself stuck, don’t be scared to move on to the next topic. Once you’ve honed your talents more, you can return to the harder labs.

You might put your web security testing skills to the test once you’ve begun to develop them by earning our Burp Suite Certified Practitioner certification. You must be able to comfortably finish all of the Web Security Academy labs with the label “Practitioner” or below before you are prepared to take the Burp Suite Certified Practitioner test. Although there is no deadline for finishing the labs, you must be able to do so without using the offered solutions.

Server-Side Topics

We advise beginning with our server-side topics for total beginners. Since you simply need to comprehend what is happening on the server, these vulnerabilities are usually simpler to discover. You can build some of the fundamental skills and knowledge that you will frequently use with the aid of our resources and laboratories.

1 SQL injection

Go to Topic

16 Labs

2 Authentication

Go to Topic

14 Labs

3 Directory traversal

Go to Topic

6 Labs

4 Command Injection

Go to Topic

5 Labs

5 Information Disclosure

Go to Topic

5 Labs

6 Access Control

Go to Topic

11 Labs

7 XXE injection

Go to Topic

9 Labs

8 File Upload Vulnerabilities

Go to Topic

7 Labs

9 Business Logic Vulnerabilities

Go to Topic

11 Labs

10 Server-Side Request Forgery (SSRF)

Go to Topic

7 Labs

Congratulations, we have successfully covered all the essential Server-Side Topics! It’s been a rewarding journey delving into the intricacies of backend development, server management, and data handling. But the adventure doesn’t end here; it’s time to set our sights on Client-Side Topics. With this new chapter, we’ll explore the fascinating realm of front-end development, user interfaces, and interactive experiences. Get ready to dive into the world of HTML, CSS, JavaScript, and frameworks like React and Angular. Embracing Client-Side Topics will undoubtedly expand our skillet and enable us to create more dynamic and engaging web applications that deliver exceptional user experiences. Let’s embark on this next phase of learning with enthusiasm and determination!

Client-Side Topics

Client-Side Topics involve creating user experiences on the web through HTML, CSS, and JavaScript. It includes mastering frameworks like React and Angular, implementing security measures, and optimizing performance for interactive web applications. By understanding these fundamentals, developers can design captivating interfaces and enhance the overall user experience.

11 Cross-site scripting (XSS)

Go to Topic

30 Labs

12 Cross-origin resource sharing (CORS)

Go to Topic

4 Labs

13 WebSockets

Go to Topic

12 Labs

14 Clickjacking

Go to Topic

5 Labs

15 DOM-based vulnerabilities

Go to Topic

7 Labs

16 WebSockets

Go to Topic

3 Labs

Want the latest from the Web Security Academy?

Follow Us On LinkedIn for Latest Topic Releases, And To Get Involved With Or Wider Community.

Follow On