Course Overview

Learn how to hack web applications, automate your exploits in Python and defend web applications against real-world attacks! For each vulnerability type, we dive into the technical details and then gain hands-on experience by solving labs that model real-world vulnerabilities.

The course covers the following server-side vulnerabilities:

  1. SQL Injection
  2. Authentication Vulnerabilities
  3. Directory Traversal
  4. Command Injection
  5. Business Logic Vulnerabilities
  6. Information Disclosure
  7. Access Control Vulnerabilities
  8. File Upload Vulnerabilities
  9. Server-Side Request Forgery (SSRF)
  10. XXE Injection

The course covers the following client-side vulnerabilities:

  1. Cross-Site Scripting (XSS)
  2. Cross-Site Request Forgery (CSRF)
  3. Cross-Origin Resource Sharing (CORS)
  4. Clickjacking
  5. DOM-based Vulnerabilities
  6. WebSocket Vulnerabilities

The course covers the following advanced vulnerabilities:

  1. JWT Attacks

Course Prerequisites:

  • Basic knowledge of computers (i.e. how to use the internet).
  • Basic knowledge of web fundamentals (HTTP requests, methods, cookies, status codes, etc.).
  • Basic knowledge of Python scripting.


COURSE CURRICULUM - 50+ HOURS

  Introduction
  Getting Help
  Lab Environment Setup
  SQL Injection
  Authentication Vulnerabilities
  Directory Traversal
  OS Command Injection
  Business Logic Vulnerabilities
  Information Disclosure
  Access Control Vulnerabilities
  File Upload Vulnerabilities
  Server-Side Request Forgery (SSRF)
  XXE Injection
  Cross-Site Scripting (XSS)
  Cross-Site Request Forgery (CSRF)
  Cross-origin Resource Sharing (CORS)
  Clickjacking
  DOM-based Vulnerabilities
  WebSockets Vulnerabilities
  JWT Attacks
  What's Next?

Pricing Option #1


Pricing Option #2

All-Access Membership Plan Starting at $29.99/month

Gain full access to all the modules in this course as well as our entire course catalog by enrolling in the All-Access Membership plan.

Meet the Instructor

ABOUT THE AUTHOR

Rana Khalil is an accomplished Application Security Engineer currently steering the digital safety ship in Canada's dynamic public and private sectors. With her cutting-edge expertise, she's not only securing applications, but also shaping the future of cybersecurity across the nation.

She holds Bachelor's and Master's degrees in Computer Science and is OSCP certified. She has spoken about her research at various local and international conferences, and received several awards and honorable mentions for her contributions to the cybersecurity community.



Follow Rana on Social Media:

LinkedIn: https://www.linkedin.com/in/ranakhalil1/

YouTube: https://www.youtube.com/channel/UCKaK-XPQAbznwIISC...

Frequently Asked Questions (FAQ)


What is the refund policy?

All students are entitled to a 14-day refund from the date of purchase of the course. Please follow the instructions outlined in this link to submit a refund request.


Will I receive a certificate of completion after I finish the course?

Yes, we currently provide a certificate of completion. However, the course is designed to help students prepare for PortSwigger's Burp Suite Certified Practitioner certification. Therefore, students are encouraged to enrol in the certification if they feel they are ready.


Does the course include subtitles?

Yes, all of the lessons in this course feature auto-generated English, Arabic, Spanish, Portuguese, Hindi & French subtitles. We are currently in the process of having these subtitles reviewed by human experts to ensure their accuracy.


Does the One-Time Purchase option include all future updates to the course?

Yes, the one-time purchase option provides access to the course and all future updates to the course.


Is the course eligible for Continuing Professional Education (CPE) credits?

Yes, each certificate of completion specifies the total CPE credits earned.


How is this course different from the videos on YouTube and Udemy?

This course contains the same videos as YouTube and Udemy. The difference is that this course contains all the videos, whereas YouTube contains only a portion of them, and on Udemy each module / topic of this course is a single course.

Registering in the course gives you the following benefits:

  1. Access to all the module / topic videos.
  2. Access to a private Discord channel where you can ask me questions and collaborate with other students.
  3. Early access to any future videos and updates.