INTERMEDIATE
Web Security

Advanced Web Application Security

The OWASP Top 10 in depth, demonstrated on intentionally vulnerable apps and remediated with secure code.

16 hours2 modules5 lessonsVersion 1

About this course

Vector guides you through injection, XSS, access control, SSRF, and business-logic flaws using CyberForge’s intentionally vulnerable applications, always closing the loop with detection and the secure fix.

What you will learn

  • Demonstrate the OWASP Top 10 safely
  • Test access control and business logic
  • Remediate with secure patterns

Curriculum

Module 1. Injection & Client-Side Attacks

How injection and XSS work — and how to stop them.

  • SQL Injection: Impact to Remediation30 min
  • Cross-Site Scripting (XSS)28 min
Module 2. Access Control & Server-Side Risks

Broken access control, SSRF, and business-logic abuse.

  • Broken Access Control & IDOR30 min
  • Server-Side Request Forgery (SSRF)28 min
  • Business-Logic Flaws & Secure Headers26 min
← Back to all courses