| description |
|---|
 (1) (1) (1) (1) (1) (1).png)
@PortSwigger Ltd
The Web Security Academy is a free online training center for web application security. It includes content from PortSwigger's in-house research team, experienced academics, encouraging theoretical and practical study with truly effective laboratories.
 (1) (1) (1) (1) (1) (1).png)
In my case I installed Burp Suite Community Edition and Chromium on my main machine (Debian OS), by starting BurpSuite and clicking on Proxy -> Intercept -> Open Browser (orange button) it is possible to have Chromium already set for use and communicating directly with Burp.
 (1) (1) (1) (1) (1) (1).png)
 (1) (1) (1) (1) (1) (1).png)
As suggested into HexDump BSCP Technical Guide there's not the methodology and the order of you path is subjective, you can use the existing learning paths, proceed with individual modules, do all the lab apprentice first etc, below is the table relating to a possible personalized study path: https://blog.leonardotamiano.xyz/tech/bscp-technical-guide/
 (1) (1) (1) (1) (1) (1).png)
https://portswigger.net/web-security/learning-paths
| MODULE | TYPE | COMPLEXITY | STATUS | |
|---|---|---|---|---|
| 1 | Informatin Disclosure | Server-Side | Low | true |
| 2 | Essential Skills | Advanced | Low | true |
| 3 | SQL Injection | Server-Side | Low | false |
| 4 | Command Injection | Server-Side | Low | false |
| 5 | Path Traversal | Server-Side | Low | false |
| 6 | XXE Injection | Server-Side | Low | false |
| 7 | File Upload Vulnerabilities | Server-Side | Low | false |
| 8 | Server-Side Request Forgery (SSRF) | Server-Side | Low | false |
| 9 | Authentication | Server-Side | Low | false |
| 10 | Access Control | Server-Side | Low | false |
| 11 | Clickjacking | Client-Side | Low | false |
| 12 | Web LLM attacks | Advanced | Low | false |
| 13 | Cross-site scripting (XSS) | Client-Side | Medium | false |
| 14 | Cross-site request forgery (CSRF) | Client-Side | Medium | false |
| 15 | Cross-origin resource sharing (CORS) | Client-Side | Medium | false |
| 16 | DOM-based vulnerabilities | Client-Side | Medium | false |
| 17 | Server-Side Template Injection | Advanced | Medium | false |
| 18 | Business Logic Vulnerabilities | Server-Side | Medium | false |
| 19 | HTTP Host Header Attacks | Advanced | Medium | false |
| 20 | Prototype Pollution | Advanced | Medium | false |
| 21 | WebSockets | Client-Side | Medium | false |
| 22 | JWT attacks | Advanced | Medium | true |
| 23 | GraphQL API Vulnerabilities | Advanced | Medium | false |
| 24 | Insecure Deserialization | Advanced | Medium | false |
| 25 | OAuth Authentication | Advanced | High | false |
| 26 | Race Conditions | Server-Side | High | false |
| 27 | HTTP Request Smuggling | Advanced | High | false |
| 28 | Web Cache Poisoning | Advanced | High | false |
| 29 | Web Cache Deception | Server-Side | High | false |
Personally, i'm using a mixed approach.