Lessons

java Spring4Shell
java

Spring4Shell

Learn what Spring4Shell is, why you should be aware of it, and how you can prevent and remediate the vulnerability in your organization
java Open redirect
java

Open redirect

Learn about the risks of exposing open redirects, how to exploit them and how to mitigate them.
java Insecure deserialization
java

Insecure deserialization

Learn how an insecure deserialization attack works, and how to mitigate and remediate the vulnerability with real world examples from security experts.
java Log4Shell vulnerability
java

Log4Shell vulnerability

Learn how to protect your Log4j instances against malicious remote code execution (RCE) in Java by exploiting a vulnerable application as part of this Snyk Learn lesson.
java Directory traversal
java

Directory traversal

Learn how to protect your code from directory traversal in Java by exploiting a vulnerable web server.
java Cross-site scripting
java

Cross-site scripting

Learn how to protect your Java code from various forms of cross-site scripting (XSS) attacks.
java SQL injection
java

SQL injection

Learn how to create SQL queries securely and avoid SQL injections attempts by malicious third parties.
javascript Open redirect
javascript

Open redirect

Learn about the risks of exposing open redirects, how to exploit them and how to mitigate them.
javascript Code injection
javascript

Code injection

Learn how to protect your applications against malicious code injection in JavaScript by exploiting a vulnerable web app as part of this Snyk Learn lesson.
javascript Server-side request forgery
javascript

Server-side request forgery

Learn how to protect your code from server-side request forgery attacks in JavaScript by exploiting a vulnerable web app as part of this Snyk Learn tutorial.
javascript Directory traversal
javascript

Directory traversal

Learn how to protect your code from directory traversal in JavaScript by exploiting a vulnerable web server.
javascript Cross-site scripting
javascript

Cross-site scripting

Learn how to protect your JavaScript code from various forms of cross-site scripting (XSS) attacks.
javascript Prototype pollution
javascript

Prototype pollution

Learn what JavaScript prototype pollution is and how to prevent it.
javascript SQL injection
javascript

SQL injection

Learn how to create SQL queries securely and avoid SQL injections attempts by malicious third parties.
python Open redirect
python

Open redirect

Learn about the risks of exposing open redirects, how to exploit them and how to mitigate them.
python Directory traversal
python

Directory traversal

Learn how to protect your code from directory traversal in PHP by exploiting a vulnerable web server.
python SQL injection
python

SQL injection

Learn how to create SQL queries securely and avoid SQL injections attempts by malicious third parties.
python Cross-site scripting
python

Cross-site scripting

Learn how to protect your Python code from various forms of cross-site scripting (XSS) attacks.
golang Directory traversal
golangNEW

Directory traversal

Learn how to protect your code from directory traversal in Go by exploiting a vulnerable web server.
golang Cross-site scripting
golang

Cross-site scripting

Learn how to protect your Go code from various forms of cross-site scripting (XSS) attacks.
golang SQL injection
golang

SQL injection

Learn how to create SQL queries securely and avoid SQL injections attempts by malicious third parties.
php Directory traversal
phpNEW

Directory traversal

Learn how to protect your code from directory traversal in PHP by exploiting a vulnerable web server.
php Code injection
php

Code injection

Learn how to protect your applications against malicious code injection in PHP by exploiting a vulnerable web app as part of this Snyk Learn lesson.
php Cross-site scripting
php

Cross-site scripting

Learn how to protect your PHP code from various forms of cross-site scripting (XSS) attacks.
php SQL injection
php

SQL injection

Learn how to create SQL queries securely and avoid SQL injections attempts by malicious third parties.
csharp Cross-site scripting
csharp

Cross-site scripting

Learn how to protect your C# code from various forms of cross-site scripting (XSS) attacks.
csharp SQL injection
csharp

SQL injection

Learn how to create SQL queries securely and avoid SQL injections attempts by malicious third parties.
kubernetes Container is running in privileged mode
kubernetes

Container is running in privileged mode

Learn why using privileged mode on a container is a bad idea in almost all cases.
kubernetes Container does not drop all default capabilities
kubernetes

Container does not drop all default capabilities

Learn how to improve Kubernetes security by dropping default capabilities for a container.