Web Application Security
A practical tour of the most common web application vulnerabilities based on the OWASP Top 10, focused on how they are exploited and, above all, how to prevent them.
Most modern security breaches begin at the application layer. This course walks you through the most critical vulnerabilities affecting web applications, organized around the OWASP Top 10. For each risk you will learn what it is, how it works conceptually, what its real business impact is and, most importantly, how to defend against it with secure coding practices. We cover injection, XSS, broken authentication, access control, security misconfiguration, SSRF, vulnerable components, and professional tools like Burp Suite and OWASP ZAP. The focus is always educational and defensive: the goal is for you to build more secure software.
Lessons
The Web Application Attack Surface
4 min read
Injection and SQL Injection
4 min read
Cross-Site Scripting (XSS)
4 min read
Broken Authentication and Sessions
4 min read
Broken Access Control
4 min read
Security Misconfiguration
4 min read
SSRF and Vulnerable Components
4 min read
Secure Coding and Tools
4 min read