Welcome to WebAcademy! This repository contains a collection of labs, slides, and resources related to web security vulnerabilities. Each directory focuses on a specific type of vulnerability or security concept, providing hands-on labs, educational materials, and resources for learning and practicing web security.
- Injection - Labs and resources related to SQL injection vulnerabilities.
- Broken Authentication - Labs and resources related to broken authentication vulnerabilities.
- Sensitive Data Exposure - Labs and resources related to information disclosure vulnerabilities.
- XML External Entities (XXE) - Labs and resources related to XXE injection vulnerabilities.
- Broken Access Control - Labs and resources related to broken access control vulnerabilities.
- Security Misconfiguration - Labs and resources related to business logic vulnerabilities (representing security misconfigurations).
- Cross-Site Scripting (XSS) - Labs and resources related to XSS vulnerabilities.
- Insecure Deserialization - Labs and resources related to directory traversal vulnerabilities (representing insecure deserialization).
- Using Components with Known Vulnerabilities - Labs and resources related to CORS vulnerabilities (representing using components with known vulnerabilities).
- Insufficient Logging & Monitoring - Labs and resources related to clickjacking vulnerabilities (representing insufficient logging and monitoring).
-
Clickjacking - Labs and resources related to clickjacking vulnerabilities.
-
Command Injection - Labs and resources related to command injection vulnerabilities.
-
Cross-Origin Resource Sharing (CORS) - Labs and resources related to CORS vulnerabilities.
-
Cross-Site Request Forgery (CSRF) - Labs and resources related to CSRF vulnerabilities.
-
Directory Traversal - Labs and resources related to directory traversal vulnerabilities.
-
DOM-based Vulnerabilities - Labs and resources related to DOM-based vulnerabilities.
-
File Upload Vulnerabilities - Labs and resources related to file upload vulnerabilities.
-
Server-Side Request Forgery (SSRF) - Labs and resources related to SSRF vulnerabilities.
-
WebSockets Vulnerabilities - Labs and resources related to WebSockets vulnerabilities.
-
Introduction Slides - Slides providing an introduction to web security concepts.
Feel free to explore each directory to find labs, slides, and resources related to specific web security vulnerabilities. Happy learning and happy hacking!