Skip to content
  • Home
  • OWASP Top 10
  • Bug bounty hunting
  • About
  • Contact
  • How to support

Category: OWASP

OWASP tutorials, training, videos, and content.

XXE explained – OWASP Top 10 vulnerabilities

April 22, 2021 by thehackerish

Welcome to this new episode of the OWASP Top 10 vulnerabilities series. Today, you will learn everything related to XXE. This blog post will explain the theory with some examples. By the end, you will be ready to tackle XXE in practice. Don’t forget to subscribe the Friday newsletter to kickstart your Some key XXE …

Continue Reading
XXE tutorial

XXE tutorial in practice – OWASP Top 10 training

April 22, 2021 by thehackerish

Hello and welcome to this OWASP Top 10 training series. Today, you will practice XXE injection on OWASP WebGoat. By the end of this XXE tutorial, you will achieve the following goals: Exploit XXE to Read internal files from the vulnerable server. Pivot from XXE to SSRF Exploit a Blind XXE Perform the Billion laughs …

Continue Reading
Sensitive Data Exposure

Sensitive Data Exposure tutorial – OWASP Top 10 training

April 22, 2021 by thehackerish

Hello and welcome to this new episode of the OWASP Top 10 training series. In this Sensitive Data Exposure tutorial, you will practice your skills on three challenges If you have no idea about this vulnerability, I invite you to read this blog post which explains Sensitive Data Exposure in detail. Make sure to subscribe …

Continue Reading

Sensitive Data Exposure explained – OWASP Top 10

April 22, 2021 by thehackerish

Welcome to this new episode on the OWASP Top 10 vulnerabilities series. Today, you’ll learn about the OWASP Sensitive data exposure vulnerability. If you already now the theory behind this vulnerability, you can practice on this tutorial. The agenda will cover the following: Define what is sensitive data exposure Explain Sensitive data exposure types Show …

Continue Reading

Broken Authentication and Session Management explained

April 22, 2021 by thehackerish

Welcome to this new episode of the OWASP Top 10 vulnerabilities course. Today, you are going to learn about Broken Authentication and Session Management.  Last time, I explained the Injection vulnerability. New upcoming posts will teach you the remaining OWASP Top 10 vulnerabilities. Consider subscribing to the Friday Newsletter. What is Broken Authentication and Session …

Continue Reading
Broken authentication and session management tutorial

Broken Authentication and Session Management tutorial

April 22, 2021 by thehackerish

Hello and welcome to this new episode of the OWASP Top 10 training series. In this Broken Authentication and Session Management tutorial, you will practice put your knowledge into action on hands-on attack examples. If you don’t know the theory behind this vulnerability, I highly recommend you read it first and then come back. In this …

Continue Reading

SQL injection examples for practice

April 22, 2021 by thehackerish

Welcome to this new episode of the OWASP Top 10 training series. In this blog post, you are going to practice your skills on some SQL injection examples. In the first SQL injection example, we will exploit an error-based use case. Then, we are going to exploit a blind use case in the second SQL …

Continue Reading

SQL injection explained – OWASP Top 10 vulnerabilities

April 22, 2021 by thehackerish

Welcome to this new episode of the OWASP Top 10 vulnerabilities course, where we explain in detail each vulnerability. In this blog post, you will learn SQL injection.This is a subset of the OWASP Top 10 injection vulnerabilities. If you’d like to have a bigger picture of Injection, I invite you to read this blog …

Continue Reading

How to install OWASP Juice Shop – OWASP Top 10 training

April 22, 2021 by thehackerish

Welcome back to the OWASP Top 10 training series. Today, we are going to install OWASP Juice Shop using both Heroku and Docker. This is the last step in our OWASP Top 10 lab setup. Last time, we installed OWASP WebGoat. I’ve chosen to add it in this application so that we can experiment with …

Continue Reading

OWASP Webgoat download and installation – OWASP Top 10 training

April 22, 2021 by thehackerish

Welcome back to the OWASP Top 10 training series. Today, you are going to learn how to install OWASP WebGoat and OWASP WebWolf using both java and Docker. We are slowly but surely building out our OWASP Top 10 lab to start practicing how to exploit the OWASP Top 10 vulnerabilities. If you haven’t been …

Continue Reading

Posts pagination

  • Previous
  • 1
  • 2
  • 3
  • Next
Get my FREE Udemy course

Hack like a white hat hacker - A practical introduction

Is pentesting the right job for you? MyFREE Udemy course will help you answer it through a practical pentest mission example.

Enroll for FREE

Overcome your struggles and become a successful bug bounty hunter!

Master bug bounty hunting through Anna's journey, uncovering the mindset, tactics, and skills needed to thrive and succeed in the game

Read it NOW

Categories

  • burp suite
  • Hacking
    • bug bounty
    • Penetration testing
    • red team
  • OWASP
    • OWASP juice shop
    • OWASP Top 10
      • OWASP Top 10 training
      • OWASP Top 10 vulnerabilities
    • OWASP WebGoat
    • OWASP ZAP
  • Secure coding
  • Uncategorized

Overcome your struggles and become a successful bug bounty hunter!

Get you Free hacking lab VM

free-hacking-lab-vm
free-hacking-lab-vm
© 2025 thehackerish | Built using WordPress and SuperbThemes