Topics
Every walkthrough grouped by vulnerability class, following the roadmap chapters.
- 01 Reconnaissance & Disclosure Most attacks start with reading, not exploiting. 3 walkthrough s
- 02 Broken Access Control The bug almost every API has somewhere. 5 walkthrough s
- 03 Trusting the Client Whatever the browser sends, the server has to verify. 4 walkthrough s
- 04 Cross-Site Attacks Your input, running in someone else's browser. 3 walkthrough s
- 05 SQL Injection Deep Dive One quote, one query, one breach. 4 walkthrough s
- 06 Parsers Behaving Badly Parsers go where your business logic can't. 2 walkthrough s
- 07 Authentication Failures Login is a feature. Auth is a system. 4 walkthrough s
- 08 Server-Side Request Forgery Make the server fetch what you can't. 1 walkthrough
- 09 Cryptography Done Wrong Modern crypto is safe by default. Until it isn't. 3 walkthrough s
- 10 AI & LLM Security The new attack surface nobody trained for. 2 walkthrough s
- 11 Supply Chain & Framework Your code is fine. The 800 packages around it aren't. 2 walkthrough s