We're sorry but Snyk Learn doesn't work properly without JavaScript enabled. Please enable it to continue.
Lessons
Snyk Learn
/
Lessons
Lessons
Filter
Filter
Clear all
Categories
JavaScript
PHP
Go
Java
Python
Kubernetes
C#
Status
java
Spring4Shell
Learn what Spring4Shell is, why you should be aware of it, and how you can prevent and remediate the vulnerability in your organization
java
Open redirect
Learn about the risks of exposing open redirects, how to exploit them and how to mitigate them.
java
Insecure deserialization
Learn how an insecure deserialization attack works, and how to mitigate and remediate the vulnerability with real world examples from security experts.
java
Log4Shell vulnerability
Learn how to protect your Log4j instances against malicious remote code execution (RCE) in Java by exploiting a vulnerable application as part of this Snyk Learn lesson.
java
Directory traversal
Learn how to protect your code from directory traversal in Java by exploiting a vulnerable web server.
java
Cross-site scripting
Learn how to protect your Java code from various forms of cross-site scripting (XSS) attacks.
java
SQL injection
Learn how to create SQL queries securely and avoid SQL injections attempts by malicious third parties.
javascript
Open redirect
Learn about the risks of exposing open redirects, how to exploit them and how to mitigate them.
javascript
Code injection
Learn how to protect your applications against malicious code injection in JavaScript by exploiting a vulnerable web app as part of this Snyk Learn lesson.
javascript
Server-side request forgery
Learn how to protect your code from server-side request forgery attacks in JavaScript by exploiting a vulnerable web app as part of this Snyk Learn tutorial.
javascript
Directory traversal
Learn how to protect your code from directory traversal in JavaScript by exploiting a vulnerable web server.
javascript
Cross-site scripting
Learn how to protect your JavaScript code from various forms of cross-site scripting (XSS) attacks.
javascript
Prototype pollution
Learn what JavaScript prototype pollution is and how to prevent it.
javascript
SQL injection
Learn how to create SQL queries securely and avoid SQL injections attempts by malicious third parties.
python
Open redirect
Learn about the risks of exposing open redirects, how to exploit them and how to mitigate them.
python
Directory traversal
Learn how to protect your code from directory traversal in PHP by exploiting a vulnerable web server.
python
SQL injection
Learn how to create SQL queries securely and avoid SQL injections attempts by malicious third parties.
python
Cross-site scripting
Learn how to protect your Python code from various forms of cross-site scripting (XSS) attacks.
golang
NEW
Directory traversal
Learn how to protect your code from directory traversal in Go by exploiting a vulnerable web server.
golang
Cross-site scripting
Learn how to protect your Go code from various forms of cross-site scripting (XSS) attacks.
golang
SQL injection
Learn how to create SQL queries securely and avoid SQL injections attempts by malicious third parties.
php
NEW
Directory traversal
Learn how to protect your code from directory traversal in PHP by exploiting a vulnerable web server.
php
Code injection
Learn how to protect your applications against malicious code injection in PHP by exploiting a vulnerable web app as part of this Snyk Learn lesson.
php
Cross-site scripting
Learn how to protect your PHP code from various forms of cross-site scripting (XSS) attacks.
php
SQL injection
Learn how to create SQL queries securely and avoid SQL injections attempts by malicious third parties.
csharp
Cross-site scripting
Learn how to protect your C# code from various forms of cross-site scripting (XSS) attacks.
csharp
SQL injection
Learn how to create SQL queries securely and avoid SQL injections attempts by malicious third parties.
kubernetes
Container is running in privileged mode
Learn why using privileged mode on a container is a bad idea in almost all cases.
kubernetes
Container does not drop all default capabilities
Learn how to improve Kubernetes security by dropping default capabilities for a container.