Course description

The course will introduce the various methods, tools and techniques used by attackers. You will study web application flaws and their exploitation.

No special skills are required as the course covers everything from the very basics.

This course covers:

  • How the Web Works.
  • How to use Vega Web Vulnerability Scanner.
  • Understanding SQL Injection Attacks.
  • Hacking WordPress with WPscan.
  • Cross-Site Scripting & Cross-Site Request Forgery.
  • Hook victims using BeEF Framework.
  • Gain Full Control over the Target Machine.
  • How Phishing Works.

After completing this course, you will understand major web application flaws and how to exploit a number of dangerous vulnerabilities such as SQL injections, CSRF attacks, XSS vulnerabilities, Phishing, etc.

Who this course is for:
  • Anyone who just simply wants to learn about web application hacking.
  • Web developers and pentesters.


  • A basic understanding of computers.
  • A desire to learn.

What you'll learn:

  • Understand How Websites Work.
  • Intercept and manipulate HTTP communication using Wireshark.
  • Discover, fix and exploit SQL injections.
  • How to Hack and Secure a WordPress Website.
  • Cross-Site Scripting (XSS).
  • Cross-Site Request Forgery (CSRF).
  • Hook victims with BeEF and steal credentials.
  • Gain full control over the target machine using BeEF and Weevely.

Course curriculum

  • 1


  • 2

    SQL Injection

  • 3

    WordPress Exploitation

    • Introduction to WPScan

    • How to Hack a WordPress Website with WPScan

    • How To Secure Your WordPress Website

  • 4

    Cross-Site Scripting (XSS)

    • Understand Cross-Site Scripting

    • Stored Cross-Site Scripting

    • Preventing Cross-Site Scripting Attacks

  • 5

    Browser Exploitation

  • 6

    Social Engineering

    • How To Use Weevely PHP Backdoor

    • How to perform CSRF Attack

    • Anatomy of a Cross-site Request Forgery Attack

    • Phishing Attack

  • 7

    Additional Videos

    • Basic Tips To Stay Safe Online

    • Wrap Up

Meet your instructor!

Juravlea Nicolae
Security Enthusiast & IT Consultant

Hi! I'm Nicolae. I love computers and technology, particularly in the areas of wireless encryption protocols, web development, network security, and anonymity.

Worked on various projects involving web design, networking, web application security, and other technology-related subjects. Skills and software utilized include:

Network Security: Aircrack-ng, Burp Suite, Kali Linux, Metasploit, Nmap, OWASP, Hydra, SQLmap, Web Application Security, Wi-Fi Security, Wireshark.

Web Development: HTML5, CSS3, jQuery, SQL, Bootstrap, Photoshop, SEO, Ruby on Rails, Wordpress.

JavaScript, PHP, Python, Ruby.


I hope to contribute to a world where we value skills and relationships over careers and money, and where we're passionate about building and creating things in a self-motivated and self-directed way.

Take this course today!

"Web Hacking for Beginners"