I completed the Web Fundamentals Learning Path on TryHackMe and gained a solid foundation in web application security. This path taught me how to attack web applications through interactive exercises based on real-world scenarios.

Here are the key things I learned:

• I understood the basics of how the web works: I learned how websites, network protocols (e.g., HTTP), and DNS work and how these elements interact with each other.

• I identified and analyzed vulnerabilities: I learned about the most common vulnerabilities in web applications, such as SQL injection, cross-site scripting (XSS), and cross-site request forgery (CSRF). I learned how to analyze source code and application behavior to identify potential weaknesses.

• I exploited vulnerabilities in a safe environment: The course provided interactive exercises where I could safely exploit the vulnerabilities I learned about to understand how they work and what their consequences can be.

• I used security testing tools: I learned how to use tools like Burp Suite, which are industry standard and allow you to automate many tasks related to web application security testing.

• I evaluated the security of web applications: I learned methodologies and techniques for evaluating the security of web applications, which will allow me to conduct effective penetration tests.