Cybersecurity, learned like a practitioner.

24 learning paths · 398 modules live · every lesson written by someone who has shipped the control or run the engagement. Free to start.

Learning paths

398+

Live modules

You've completed

Free

Your tier

Browse the academy

Latest modules

Most recent practitioner playbooks across every track. Filter by topic, level, or search in the sidebar.

538 results · Page 54/54

Web Application Penetration Testing Advanced Members

API Security (OWASP API Top 10)

OWASP API Top 10 in practice, GraphQL testing, gRPC, SSRF, LLM-integrated API attacks. The 2026 API attack surface. Pro module.

Apr 19, 2026 120 min Open

Web Application Penetration Testing Advanced Members

Business Logic Flaws

Race conditions, workflow manipulation, price/quantity attacks, coupon abuse, TOCTOU. The findings scanners cannot find. Pro module.

Apr 19, 2026 120 min Open

Web Application Penetration Testing Intermediate Members

IDOR & Authorization Bypass

Horizontal and vertical IDOR, mass assignment, multi-tenant boundary violations, GraphQL authorization. The highest-yield SaaS bug class. Pro module.

Apr 19, 2026 90 min Open

Web Application Penetration Testing Intermediate Free

Cross-Site Scripting (XSS) in 2026

Reflected, stored, and DOM-based XSS in 2026. Filter bypasses, CSP deep-dive, and the real impact beyond alert(1). Pro module.

Apr 19, 2026 90 min Open

Web Application Penetration Testing Intermediate Free

SQL Injection in 2026

How SQLi works at the query level, UNION-based extraction, blind SQLi (boolean and time), out-of-band exfiltration, NoSQL injection, sqlmap practice.

Apr 19, 2026 120 min Open

Web Application Penetration Testing Beginner Members

Authentication Attacks

Username enumeration, password spraying, credential stuffing, session attacks, JWT vulnerabilities, OAuth/SAML flaws, MFA bypasses.

Apr 19, 2026 90 min Open

Web Application Penetration Testing Beginner Free

Web Enumeration & Recon

Subdomain enumeration, technology fingerprinting, directory brute-forcing, JavaScript bundle analysis, and Wayback reconnaissance.

Apr 19, 2026 90 min Open

Web Application Penetration Testing Beginner Members

HTTP & Web Fundamentals

How HTTP actually works at the wire level — methods, status codes, headers, cookies, TLS. The foundation for every web-app attack pattern.

Apr 19, 2026 60 min Open

02 / Why learn here

Practitioners who've
shipped the controls.

Every module is written by someone who has built the defence or run the engagement. No repackaged tutorials, no generic theory.

Practitioner-written.

Each lesson is authored by someone who has shipped the control or run the engagement in production.

Quiz after every module.

20+ questions with explanations. 70%+ to mark complete. Unlimited retries.

Progress tracked.

Completions, scores and streaks saved automatically. Resume exactly where you left off.

India-priced.

Start free. ₹499/mo for intermediate. ₹4,999/yr for advanced. No hidden fees, ever.

Pick a path, get to work.

Browse all 398 modules → View skill map

Latest modules

API Security (OWASP API Top 10)

Business Logic Flaws

IDOR & Authorization Bypass

Cross-Site Scripting (XSS) in 2026

SQL Injection in 2026

Authentication Attacks

Web Enumeration & Recon

HTTP & Web Fundamentals

Practitioners who'veshipped the controls.

Why learn here

Practitioner-written.

Quiz after every module.

Progress tracked.

India-priced.

Pick a path, get to work.

Practitioners who've
shipped the controls.