At KONTRA, we believe every software engineer should have free access to developer security training. KONTRA OWASP Top 10 is our first step in that direction. Inspired by real-world vulnerabilities and case studies, we’ve created a series of interactive application security training modules to help developers understand, identify and mitigate security vulnerabilities in their applications.

Free Access To Kontra OWASP Application Security Trainings are:

  • Ruby rest-client Backdoor
  • TikTok Cross-Site Scripting
  • Capital One SSRF
  • Token Exposure in URL
  • Leftover Debug Code
  • Forced Browsing
  • Session Fixation
  • Host Header Injection
  • Vertical Privilege Escalation
  • Directory Traversal
  • Clickjacking
  • Command Injection
  • User Enumeration
  • SQL Injection
  • XML Entity Injection
  • Reflected Cross-Site Scripting
  • Stored Cross-Site Scripting
  • Weak Rando mness
  • Horizontal Privilege Escalation
  • Insecure URL Redirect
  • Personally Identifiable Data in URL