Curriculum
- 8 Sections
- 114 Lessons
- 52 Weeks
Expand all sectionsCollapse all sections
- Introduction to Cyber Dojo Platform3
- Chapter 1: Introduction and Information Gathering20
- 2.1Why the Web?13 Minutes
- 2.2Application Assessment Methodologies48 Minutes
- 2.3Web Application Pen Tester’s Toolkit6 Minutes
- 2.4Interception Proxies23 Minutes
- 2.5Exercise 1.1: Configuring Interception Proxies13 Minutes
- 2.6TryHackMe Bonus Lab: Burp Suite: The Basics48 Minutes
- 2.7TryHackMe Bonus Lab: Burp Suite: Repeater28 Minutes
- 2.8TryHackMe Bonus Lab: Burp Suite: Intruder38 Minutes
- 2.9TryHackMe Bonus Lab: Burp Suite: Other Modules21 Minutes
- 2.10TryHackMe Bonus Lab: Burp Suite: Extensions8 Minutes
- 2.11Open Source Intelligence (OSINT)29 Minutes
- 2.12Virtual Host Discovery39 Minutes
- 2.13Exercise 1.2: Virtual Host Discovery37 Minutes
- 2.14HTTP Syntax and Semantics48 Minutes
- 2.15HTTPS and Testing for Weak Ciphers21 Minutes
- 2.16Exercise 1.3: Testing HTTPS11 Minutes
- 2.17Target Profiling24 Minutes
- 2.18Exercise 1.4: Gathering Server Information21 Minutes
- 2.19Quiz: Exercise 1.Bonus: Testing and Exploiting Heartbleed60 Minutes1 Question
- 2.20Assignment: Build SSL OSINT Tool1 Day
- Chapter 2: Content Discovery, Auth, and Session Testing31
- 3.1Insufficient Logging and Monitoring13 Minutes
- 3.2Spidering Web Applications19 Minutes
- 3.3Exercise 2.1: Web Spidering38 Minutes
- 3.4Forced Browsing9 Minutes
- 3.5Exercise 2.2: ZAP and ffuf Forced Browse20 Minutes
- 3.6Fuzzing9 Minutes
- 3.7Information Leakage12 Minutes
- 3.8Authentication44 Minutes
- 3.9Exercise 2.3: Authentication21 Minutes
- 3.10Self-Study Lesson: OAuth 2.0 Authentication Vulnerabilities50 Minutes
- 3.11Self-Study Lesson: JWT Attacks50 Minutes
- 3.12Username Harvesting17 Minutes
- 3.13Exercise 2.4: Username Harvesting15 Minutes
- 3.14Burp Intruder8 Minutes
- 3.15Exercise 2.5: Fuzzing with Burp Intruder11 Minutes
- 3.16Bonus Lab 2.1 – Username Enumeration via Different Responses8 Minutes
- 3.17Bonus Lab 2.2 – Username Enumeration via Response Timing11 Minutes
- 3.18Session Management30 Minutes
- 3.19Exercise 2.6: Burp Sequencer12 Minutes
- 3.20Authentication and Authorization Bypass24 Minutes
- 3.21Vulnerable Web Apps: Mutillidae6 Minutes
- 3.22Exercise 2.7: Authentication Bypass33 Minutes
- 3.23Bonus Lab 2.3 – 2FA Simple Bypass6 Minutes
- 3.24Bonus Lab 2.4 – 2FA Broken Logic18 Minutes
- 3.25Bonus Lab 2.5 – User ID Controlled by Request Parameter4 Minutes
- 3.26Bonus Lab 2.6 – User Role Controlled by Request Parameter2 Minutes
- 3.27Bonus Lab 2.7 – User Role Can be Modified in User Profile6 Minutes
- 3.28Bonus Lab 2.8 – Insecure Direct Object References (IDOR)5 Minutes
- 3.29Quiz: Exercise 2.Bonus: Exploiting Shellshock60 Minutes3 Questions
- 3.30Assignment: Authentication Vulnerabilities Labs14 Days
- 3.31Assignment: Access control vulnerabilities Labs14 Days
- Chapter 3: Injection27
- 4.1HTTP Response Security Controls20 Minutes
- 4.2Command Injection19 Minutes
- 4.3Exercise 3.1: Command Injection26 Minutes
- 4.4Bonus Lab 3.1 – Blind OS Command Injection with Time Delays9 Minutes
- 4.5Bonus Lab 3.2 – Blind OS Command Injection with Out-of-Band Interaction10 Minutes
- 4.6Assignment: OS Command Injection5 Days
- 4.7File Inclusion and Directory Traversal13 Minutes
- 4.8Exercise 3.2: Local/Remote File Inclusion9 Minutes
- 4.9Bonus Lab 3.3 – File Path Traversal, Simple Case4 Minutes
- 4.10Bonus Lab 3.4 – File Path Traversal, Validation of File Extension with Null Byte Bypass7 Minutes
- 4.11Bonus Lab 3.5 – Web Shell Upload via Content-Type Restriction Bypass13 Minutes
- 4.12Assignment: Local/Remote File Inclusion14 Days
- 4.13Insecure Deserialization21 Minutes
- 4.14Exercise 3.3: Insecure Deserialization15 Minutes
- 4.15Assignment: Insecure Deserialization15 Days
- 4.16SQL Injection Primer28 Minutes
- 4.17Discovering SQLi26 Minutes
- 4.18Exploiting SQLi31 Minutes
- 4.19Exercise 3.4: Error-Based SQLi12 Minutes
- 4.20SQLi Tools11 Minutes
- 4.21Exercise 3.5: sqlmap + ZAP18 Minutes
- 4.22Bonus Lab 3.6. – SQL Injection Vulnerability in WHERE Clause Allowing Retrieval of Hidden Data4 Minutes
- 4.23Bonus Lab 3.7 – SQL Injection Vulnerability Allowing Login Bypass12 Minutes
- 4.24Bonus Lab 3.8 – Blind SQL Injection with Time Delays11 Minutes
- 4.25Bonus Lab 3.9 – Blind SQL Injection with Out-of-Band Interaction18 Minutes
- 4.26Bonus Lab 3.10 – Blind SQL Injection with Conditional Responses25 Minutes
- 4.27Assignment: SQL Injection20 Days
- Chapter 4: XSS, SSRF, and XXE27
- 5.1Document Object Model (DOM)24 Minutes
- 5.2Cross-Site Scripting (XSS) Primer22 Minutes
- 5.3Exercise 4.1: HTML Injection16 Minutes
- 5.4XSS Impacts10 Minutes
- 5.5BeEF8 Minutes
- 5.6Exercise 4.2: BeEF20 Minutes
- 5.7Classes of XSS22 Minutes
- 5.8Exercise 4.3: DOM-Based XSS20 Minutes
- 5.9Discovering XSS12 Minutes
- 5.10XSS Tools5 Minutes
- 5.11Exercise 4.4: XSS20 Minutes
- 5.12Bonus Lab 4.1 – Stored XSS into HTML Context with Nothing Encoded6 Minutes
- 5.13Bonus Lab 4.2 – Stored XSS into Anchor href Attribute with Double Quotes HTML-encoded15 Minutes
- 5.14Bonus Lab 4.3 – Exploiting Cross-Site Scripting to Steal Cookies10 Minutes
- 5.15Assignment: Cross-site Scripting30 Days
- 5.16AJAX20 Minutes
- 5.17Data Attacks8 Minutes
- 5.18REST and SOAP11 Minutes
- 5.19Server-Side Request Forgery (SSRF)12 Minutes
- 5.20Exercise 4.5: Server-Side Request Forgery6 Minutes
- 5.21Bonus Lab 4.4 – Basic SSRF Against Another Back-End System8 Minutes
- 5.22Assignment: Server-side request forgery (SSRF)9 Days
- 5.23XML External Entities (XXE)14 Minutes
- 5.24Exercise 4.6: XXE17 Minutes
- 5.25Bonus Lab 4.5 – Exploiting XInclude to Retrieve Files9 Minutes
- 5.26Bonus Lab 4.6 – Exploiting XXE Using External Entities to Retrieve Files6 Minutes
- 5.27Assignment: XML External Entity (XXE) Injection10 Days
- Chapter 5: CSRF, Logic Flaws, and Advanced Tools22
- 6.1Cross-Site Request Forgery11 Minutes
- 6.2Exercise 5.1: CSRF21 Minutes
- 6.3Assignment: Cross-Site Request Forgery10 Days
- 6.4Logic Flaws6 Minutes
- 6.5Assignment: Business Logic Vulnerabilities9 Days
- 6.6Python for Web App Pen Testers26 Minutes
- 6.7Exercise 5.2: Python3 Hours
- 6.8Assignment – Automate Portswigger Labs with Python3 Days
- 6.9WPScan and ExploitDB3 Minutes
- 6.10Exercise 5.3: WPScan and ExploitDB13 Minutes
- 6.11Burp Scanner9 Minutes
- 6.12Metasploit13 Minutes
- 6.13Exercise 5.4: Metasploit16 Minutes
- 6.14Exercise 5.5: Drupalgeddon II8 Minutes
- 6.15Nuclei6 Minutes
- 6.16When Tools Fail9 Minutes
- 6.17Exercise 5.6: When Tools Fail14 Minutes
- 6.18Business of Pen Testing: Preparation19 Minutes
- 6.19Business of Pen Testing: Post Assessment20 Minutes
- 6.20Pentest Report Sample10 Minutes
- 6.21Assignment: Exercise 5.Bonus: Python1 Day
- 6.22Assignment: Exercise 5.Bonus2: Exploiting Ruby on Rails1 Day
- Final Exam: GWAPT Exam Preparation1
- Project: Juice Shop Vulnerabilities Report3
