Keep your company secure and compliant
Our massive library covers the most popular languages and security topics, helping you deliver relevant training to your teams
Security topics
OWASP TOP 10
Learn about OWASP Top 10 vulnerabilties, get familiar with solutions and best practices to prevent them.
Security breaches
Learn lessons from recent security breaches. Experience how hackers exploited the vulnerabilities, so you’ll be able to foresee them in the future.
SQL INJECTION
SQL Injection tutorials and examples: Learn how to fix a vulnerable login, try a WordPress penetration testing challenge and many more tips and tricks.
CROSS-SITE SCRIPTING (XSS)
How does cross-site scripting work? How to find and how to prevent XSS vulnerabilities?
COMMAND INJECTION
How does a complex code injection attack look like? How is a Remote Code Execution performed? Dive into command injection.
DEVSECOPS
Git, Vault, Terraform tutorials and many more challenges to make your applications more secure.
SENSITIVE DATA EXPOSURE
What is Sensitive Data Exposure and how to prevent it
XML EXTERNAL ENTITY
Check our tutorials and challenges about XML related vulnerabilities, such as the billion laughs attack
Content Security Policy (CSP)
Learn how to use Content Security Policy (CSP) to secure web applications.
Authentication
Learn the basics of broken authentication, find out what could go wrong with the user session after they log in and master user authentication practices and procedures.
API Security
Learn about the most common API vulnerabilities and ways to prevent them.
Spring Framework Security
Learn about Spring Security, CSRF protection, and many more topics.
Third-Party Component Security
Handling third-party security is a must. Learn how you can reduce the risk of vulnerable components.
Broken Access Control
What is broken access control? How to find it in your application?
Insecure Direct Object Reference (IDOR)
What is an IDOR vulnerability? Check our realistic attack scenarios and learn how to fix Insecure Direct Object Reference.
Web Cache Poisoning
Check our web cache poisoning tutorial, learn about web cache deception and more.
Request Forgeries
Get an overview of request forgeries, learn how to fix a CSRF vulnerability and many more topics.
Smart Contract Security
Learn about the most common vulnerability types in Ethereum smart contracts from Re-Entrancy to Timestamp Dependence.
Memory Corruption Attacks
Memory corruption is a common problem when writing C or C++ programs. What is it and how to detect Memory Corruption Attacks.
Cryptography
Dive into cryptography: learn about secure password hashing, hybrid encription, MAC-and-ENC protocol and many more topics.
Sensitive Data Exposure
What is Sensitive Data Exposure and how to prevent it.
Security Tools
Security tools help you find, dissect and evaluate security issues, such as injection, or brute-forcing password hashes.
Job roles
Developer
Security champion
Pentester
Security analyst
DevOps engineer
Follow us
Copyright © 2021 Avatao