- Joined
- 7 Feb 2026
- Messages
- 98
- Reaction score
- 116
- Points
- 33
Course Overview
Course Overview
Welcome to this course on Practical Web Hacking. This course follows on from the Practical Bug Bounty course and will take you deeper into the world of finding and exploiting vulnerabilities in web applications. It’s recommended that you have completed the Practical Bug Bounty course or at least one year's worth of experience in hacking web applications before you take this course. In this course, you will develop a deeper understanding of how web attacks work, learn to craft custom payloads, and build a methodology for finding and exploiting more complex vulnerabilities.
The Practical Web Hacking Course Will Cover:
The Practical Web Hacking Course Will Cover:
- How web applications work
- Authentication attacks
- Broken access control
- Server-side request forgery
- Advanced SQL injection attacks and NoSQL injection
- File inclusion
- XML External Entity Injection
- XSS and filter bypasses
- Attacking JSON Web Tokens
- Mass assignment
- Open redirects
- Race conditions
- Capstone challenge
By the end of the course you will have a good understanding of how these attacks work, be able to find them in situations that are not immediately obvious or overlooked by automated scans and fuzzing. You will also be able to modify and craft custom payloads to bypass filters or achieve exploitation in unusual circumstances.
Prerequisites & System Requirements
Prerequisites & System Requirements
- A computer able to run a Linux virtual machine
- Completion of the Practical Bug Bounty course OR 1 years web hacking experience
- A positive attitude
Practical Web Hacking Course Objectives
Practical Web Hacking Course Objectives
Web Application Basics
- Understand how web applications and their various components work.
Web Application Attacks
- Understand common and intermediate attacks against web applications.
Web Application Reconnaissance
- Identify potential weaknesses and vulnerabilities in web applications.
Web Application Exploitation
- Learn to craft payloads to exploit an identified vulnerability.
