Web Security Academy Learning Paths

Our carefully curated pathways provide a structured approach to learning web security, empowering you to advance at your own pace while ensuring a deep understanding of the subject matter.

Web Security Academy Learning Paths

All learning paths

Sign in or create a free account to access our interactive, deliberately vulnerable labs, and track your learning progress.

Server-side vulnerabilities

This learning path introduces you to a range of common server-side vulnerabilities. This is perfect if you're new to web security and want to get an overview of the kinds of vulnerabilities that exist, as well as how an attacker might identify and exploit them in real-world systems.

SQL injection

This learning path teaches you how to find and exploit SQL injection, a classic vulnerability responsible for many high-profile data breaches. This path is suitable regardless of whether you're completely new to SQL injection or want to improve your existing knowledge and skills.

API testing

This learning path teaches you how to test APIs that aren't fully used by the website front-end. You'll learn key API recon skills to help you discover more attack surface. In addition, you'll learn how to identify server-side parameter pollution vulnerabilities that may impact internal APIs.