Web Security Academy Learning Path

Overview

The Web Security Academy is a free online training center for web application security. It includes content from PortSwigger's in-house research team, experienced academics, and Chief Swig Dafydd Stuttard.

Unlike a textbook, the Academy is constantly updated. It also includes interactive labs where you can put what you learn to the test. If you want to improve your knowledge of hacking, or you'd like to become a bug bounty hunter or pentester, you're in the right place.

Syllabus

Server-side topics

SQL Injection
Authentication
Directory Traversal
Command Injection
Business Logic Vulnerabilities
Information Disclosure
Access Control
File Upload Vulnerabilities
Server-side Request Forgery (SSRF)
XXE Injection

Client-side Topics

Cross-site Scripting (XSS)
Cross-site Request Forgery (CSRF)
Cross-origin Resource Sharing (CORS
ClickJacking
DOM-based Vulnerabilities
WebSockets

Advanced Topics

Insecure deserialization
Server-side Template Injection
Web Cache Poisoning
HTTP Host Header Attacks
HTTP Request Smuggling
OAuth Authentication
JWT Attacks

Burp Suite Certified Practitioner

Certification Exam

Reviews

Start your review of Web Security Academy Learning Path

Udemy, Coursera, 2U/edX Face Lawsuits Over Meta Pixel Use

Most common

Popular subjects

Popular courses

Web Security Academy Learning Path

Overview

Syllabus

Reviews

Udemy, Coursera, 2U/edX Face Lawsuits Over Meta Pixel Use

Intigriti Hackademy

Bug Bounty Hunter Job Role Path

Burp Suite Bug Bounty Web Hacking from Scratch

Ethical Hacking 101: Web App Penetration Testing - a full course for beginners

Intro to Bug Bounty Hunting and Web Application Hacking

Learn Bug Bounty Hunting & Web Security Testing From Scratch

10 Best Bug Bounty Courses

Never Stop Learning.