Explore, exploit, and learn how to remediate the most critical web application security risks listed in the OWASP Top 10 (2025) list through interactive labs and practical recommendations.

The OWASP Top 10 list summarises the most common and impactful vulnerabilities found within web applications. This module, divided into three rooms, offers a practical demonstration of how each vulnerability appears; from learning, exploiting, to remediating. The OWASP Top 10 is a cornerstone for cybersecurity professionals and software developers.

OWASP Top 10 2025: IAAA Failures

Learn about A01, A07, and A09 in how they related to failures in the applied IAAA model.

OWASP Top 10 2025: Application Design Flaws

Learn about A02, A03, A06, and A10 and how they related to design flaws in the application.

OWASP Top 10 2025: Insecure Data Handling

Learn about A04, A05, and A08 as they related to insecure data handling.

Topic Rewind Recap

Lock in what you learned with a recap. Earn points and keep your streak.

What are modules?

A learning pathway is made up of modules, and a module is made of bite-sized rooms (think of a room like a mini security lab).

Hierarchical diagram showing how learning pathways contain modules, which contain individual rooms.