A comprehensive, end-to-end study guide covering core web security concepts, vulnerabilities, and modern detection techniques.
- HTTP fundamentals (requests, responses, cookies)
- OWASP Top 10
- XSS (Reflected, Stored, DOM)
- SQL Injection (Error-based, Boolean-based)
- IDOR (Advanced detection logic)
- Security Headers
- Open Redirect & Directory Exposure
- Authentication & Sessions
- Web Crawling (BFS-based)
- Machine Learning in Security (CVSS + CWE + NVD)
- Real-world attack explanations
- Scanner-level detection logic
- ML-based severity classification
- Interview-focused explanations
Download PDF
Tirth
- GTU IT
- IIT Delhi (Ethical Hacking)
- IIT Guwahati (AI/ML)
- DOM XSS detection (Playwright)
- JWT vulnerability testing
- Rate limiting detection
- API security testing
This project is licensed under the MIT License.