Learning Roadmap for the

Security Engineer

Attacking and Defending SQL Injection with Java Spring Boot
Attacking and Defending Persistent XSS with Java EE
Attacking and Defending Session Fixation with Java EE
Attacking and Defending XXE with Java EE
Implementing CSRF (Cross-Site Request Forgery) with Java EE
Attacking and Defending Insecure Deserialisation with Java EE
Attacking and Defending Insecure Deserialisation with Java EE
Attacking and Defending SSRF with Java EE
Attack and Defense SSRF With Django
Attacking and Defending SQL Injection with Java EE
VueJS: Content Security Policy Playground
ReactJS - Cross Site Scripting Playground
ReactJS - CSP Attack and Defense Playground
TLS and Encrypting Data in Transit
GRAPHQL Attack Vectors
Cross Origin Resource Sharing Playground
SAML Attack and Defense
Kotlin Security Playground
Swift Security Playground
Server-Side Request Forgery: Attack & Defense
Introduction to Web App Cryptography
Injections, XXE, and Insecure Deserialization
Cross-Site-Scripting Attack and Defense
Attacking and Defending Authentication & Access Control
Ruby on Rails Security Playground
Web Application Firewall Essentials - with ModSecurity
Angular Security Playground
Secrets Management with Hashicorp Vault
OAuth and OIDC Essentials
JWT Jiu-Jitsu
API Security: Attack and Defense

Challenges: 

Needy Lizard
Funny Cobra
Flat Lightning
Urban Baron
Prowling Wings
Dark Jumper
Pesky Beehive
Jumbo Rogue
Loyal Ghost
Formal Wasp
Earnest Hammer
Dessert Lizard
Bad Beehive
Tense Grandma
Goofy Gopher
Gigantic Gopher
Geriatric Gopher
Winter Fly
Dizzy Fox
Fastpass
JamesMoriarty
Xavier
Savannah
SQLStarwars
Cadmen
Charlotte
AWS Ambition System
The Last Request
Python Newsreader
Java Mad Hammer
Java Gifted Fiddler
Java Evil Duster
Java Mute Salesman
Extra Elastic Search
The Cuban Connection
Golang Gritty Gopher
Golang Gorgeous Gopher
Golang Gelatinous Gopher
Golang Gluttonous Gopher
Golang Garrulous Gopher
Do You No De Way
Parse Me That Node
Node're-Dame De
Node Trickster
Node Sessassin
Java Dazzling Wrangler
Java Common Behemoth
Python Mild Packer
Python Gleaming Diamond
Python Toxic Passenger
AWS S3 Security Measures
Terraform 101
Essential AWS API Gateway Security
Advanced AWS VPC Playground
AWS Lambda Vulnerability Assessment Playground
AWS Security Hub Essentials
Auditing AWS Environments
Secrets in AWS
Introduction to AWS S3
Introduction to AWS IAM

Challenges: 

AWS Twinkle Eclipse
AWS Sour Giant
AWS Lost Ribbon
AWS Lazy Sandstorm
AWS Iron Prince
AWS Fatal Tsunami
AWS Double Wings
AWS Dangerous Queen
AWS Cruel Bird
AWS Blue Sunburn
AWS Cheap Tower
AWS Classic Watchman
AWS Lean Flamingo
AWS Chief Prince
AWS Preying Volcano
AWS Impure Knight
AWS Miracle Master
AWS Lame Rogue
AWS Thirsty Sun
AWS Late Alpha
AWS Canine Prince
AWS Angry Eclipse
AWS Alien Doctor
AWS Arctic Cobra
AWS Sweet Aurora
AWS Orange Tower
AWS Hallow Witch
AWS Corrupt Guardian
AWS Empty Lyric
AWS Common Rainbow
AWS Busy Darling
AWS Empty Lightfoot
AWS Bad Sherpa
AWS Agile Trader
AWS Poor Bee
AWS Amazing Darling
AWS Flawless Tuner
AWS Urban Patriot
AWS Corrupt Packer
AWS Death Hammer
AWS Grave Rogue
AWS Dead Robin
AWS Loyal Wolf
AWS Bleak Digger
AWS Distant Surgeon
AWS Old Clown
AWS Crisp Widow
AWS Steel Lizard
AWS Impure Trader
AWS Firm Templer
AWS Digital Carpenter
AWS Crystal Lotus
AWS Lame Lightning
AWS Bruised Prince
AWS Enraged Sunburn
AWS Virtue
AWS Vertex
AWS Rush Hour
AWS Deluge
AWS Enigma box
AWS Hindsight
AWS Colossus
AWS Autonomous Life
Famous Tower
Infamous Author
Grizzled Bat
Silver Lyric
Flawless Bear
Enchanted Guardian
Jealous Nurse
Nervous Darling
Alert Passenger
Defiant Trader
Azure functions Security
Practical Azure Key Vault
Securing Network Access to Azure Virtual Machines
Introduction to Azure IAM
Introduction to Azure
Git 101
Jenkins Integration
DevSecOps with Gaia
Jenkins Security Best Practices
OSV Scanner Security Playground
Nuclei Automation for DevSecOps
DevSecOps with Gitlab CI
DAST with Jenkins
Static Analysis and Code Review for DevSecOps
Source Composition Analysis for DevSecOps
SCA with Jenkins
SAST with Jenkins
Github Actions for DevSecOps
DAST Automation with OWASP ZAP
Attacking Kubernetes Clusters Playground
Kubernetes Policy Management with Kyverno
Kubernetes Network Security and Service-Mesh Essentials
Kubernetes Authentication and Authorization
Kubernetes Admission Control
Kubernetes 101

Challenges: 

Kubernetes Dark Tinkerbell
Kuberentes Alpine Cookie
Kubernetes Arid Hawk
Kubernetes Warm Falcon
Kube Anonom
Antique Bagpipe
Confused Enigma
Miracle Crown
Tense Gambit
Wavy Patriot
Crazy Trader
Polar Lotus
Blissful Sherpa
Infinite Ribbon
Urban Halo
Dual Hunter
Essentials of Container Monitoring
Container Supply Chain Security Essentials
Attacking and Securing Container Registry
Attacking and Defending Containers
Threat Modeling with Microsoft Threat Modeling Tool
Threat Modelling Essentials
Agile Threat Modelling

Hands-on. Defensive. Bleeding-Edge.

There's no other training platform that does all three. Except AppSecEngineer.
Get Our Newsletter
Get Started
X
FOLLOW APPSECENGINEER
CONTACT

Contact Support

help@appsecengineer.com

1603 Capitol Avenue,
Suite 413A #2898,
Cheyenne, Wyoming 82001,
United States

Copyright AppSecEngineer © 2023