π― What You'll Learn
- Map an applicationβs attack surface
- Test for injection and access-control flaws
- Attack authentication and sessions
- Report web findings professionally
About This Workbook
This track builds a complete, repeatable web testing methodology. You map an application, then systematically test authentication, injection, access control, and client-side flaws using the standard tools shipped with Kali.
Chapter 1 β Mapping the Application
Understanding the target before attacking it.
- Content discovery
- Technology fingerprinting
- Mapping inputs
Chapter 2 β Injection & Access Control
The highest-impact web flaw families.
- SQL and command injection
- IDOR and broken access control
- File inclusion
Chapter 3 β Auth, Sessions & Client-Side
Attacking identity and the browser.
- Auth and session flaws
- XSS and CSRF
- Logic bugs
Chapter 4 β Reporting
Communicating web risk clearly.
- Evidence
- Severity
- Remediation
Keep going. Work through each chapter in order, then apply what you learned in the matching labs.