infosec write-ups and ramblings

Corben Leo



Learn to Hack Web Apps

So you want to learn to hack.

Want to participate in bug bounty?

No problem. Here's a roadmap to follow so you can learn web hacking.

Just remember:

"Enduring growth cannot be achieved without a commitment to process"

Learn to love the process of learning and bettering yourself. Take time to understand. This is a marathon, not a sprint.

Here's a roadmap:

Learn to code:

Learn networking:

BORING? Maybe. But, this knowledge is invaluable

Download Burp Suite

Build a web application:

Build a basic web application with HTML, Javascript Python (Flask), and SQL.

Google a tutorial. Implement functionality such as creating posts, login & logout, etc.

Do anything that helps you understand how these components work together.

To break, you must first understand.

Learn about Web Vulnerabilities:

I share hacking stories on Twitter, so you can learn.

Also, I send out a newsletter that will help you.


I recommend trying the Department of Defense's Vulnerability Disclosure Program.

Develop your technical skills by learning from others and by doing.


You don't learn to cook in a day. It's a process.

You start with someone else's recipe.

Gradually, over time, you become proficient and are ready to make your own recipes.

This is a marathon, not a sprint. Learn to love the process of learning.

Good luck! Stay disciplined.

Corben Leo

Corben Leo

View Comments