The Most Notorious Bugs: SQL Injection & XSS (W49) - Pentestmag

This course is designed for those who are looking to move their web application penetration skills to the next level! Working from scratch, this course aims to provide comprehensive knowledge of two of the most notorious and common vulnerabilities, SQL Injection and Cross Site Scripting.

Course benefits:

What skills will you gain?​​ ​​​

At the end of this course, The students will be able to:

  • Create custom tools
  • Use different tools for finding SQL Injection and Cross Site Scripting
  • Manual Testing

What will you learn about?

  • Creating custom tools
  • Identifying vulnerabilities in web applications
  • Automation of vulnerability finding

What tools will you use?

  • Python3
  • Manual Testing
  • Automation Tools

Course general information: 

DURATION: 3 hours

CPE POINTS: On completion you get a certificate granting you 3 CPE points. 

Course launch date: April 28th, 2023

Course format: 

  • Self-paced
  • Pre-recorded
  • Accessible even after you finish the course
  • No preset deadlines
  • Materials are video, labs, and text
  • All videos captioned

What will you need?

  • A good internet connection

What should you know before you join?

  • A little knowledge of Python will be beneficial but not compulsory.


The individual is currently in their 6th semester pursuing a B.Tech in Cybersecurity. They have experience in ethical hacking and securing various companies around the world such as Google, Nykaa, RedBull, Octopus Energy, and Sony. In addition, they have written numerous articles on cybersecurity on Medium, with over 1,000 subscribers, and have given various webinars and talks on ethical hacking and cybersecurity globally. They are currently building a platform called "" to help beginners get into cybersecurity and ethical hacking for free or at a low cost.


Module 0

Course Overview

Module 1

Cross Site Scripting

This module will help you to understand everything related to Cross Site Scripting. 

Module 1 covered topics: 

  • Introduction
  • Types of XSS
  • Ways to find XSS

Module 1 exercises:

  • MCQ Quiz

Module 2

SQL Injection

This module will help you to understand everything related to SQL Injection.

Module 2 covered topics: 

  • Introduction
  • Types of SQL Injection
  • Manual Testing
  • Automated Testing

Module 2 exercises:

  • MCQ Quiz

Module 3

Interacting with websites using Python

Learn how to interact with websites using Python.

Module 3 covered topics:

  • Introduction to Requests Library
  • Sending GET request
  • Sending POST request

Module 3 exercises:

  • MCQ Quiz

Module 4

Creating Vulnerability Scanner

Learn how to create a vulnerability scanner.

Module 4 covered topics:

  • Introduction
  • Creating XSS scanner
  • Creating SQL Injection Scanner

Module 4 exercises:

  • MCQ Quiz


Questions? Reach out to us at [email protected].

Course Reviews


1 ratings
  • 5 stars0
  • 4 stars0
  • 3 stars0
  • 2 stars0
  • 1 stars0

No Reviews found for this course.

© HAKIN9 MEDIA SP. Z O.O. SP. K. 2023