Storyline Content

Storyline is a course that guides you through the basics of OWASP TOP 10 2021 with a narrative that covers the same codebase in all learning activities. Each module builds on the last with multiple learning activities - keeping the learning anchored to a “story” that is relevant and contextual.

Starts with a gradual, slow pace and then eventually ramps up to greater interactivity to help developers learn in a safe environment.

• What do Storylines cover?
• Covered vulnerabilities
• Covered Languages/framework 
• How to create a storyline course

Storylines cover:

• Deep dives on vulnerabilities from videos and guidelines.
• Learning the impact of vulnerabilities with step-by-step walkthrough missions.
• Doing code analysis, and pinpointing how to fix the vulnerabilities with challenges.
• Doing the code fix, if available, with coding labs
• Doing offensive testing with a mission at the end of the course

• Web - Access Control - Missing Function Level Access Control
• Web - Sensitive Data Storage - Plaintext Storage of Passwords
• Web - Injection Flaws - SQL Injection
• Web - File Upload Vulnerability - Unrestricted File Upload
• Web - XML External Entities (XXE) - XML External Entities (XXE)
• Web - Vulnerable Components - Using Known Vulnerable Components
• Web - Authentication - Single Factor Authentication
• Web - Authentication - Improper Authentication
• Web - Mass Assignment - Mass Assignment
• Web - Insufficient Logging and Monitoring - Insufficient Logging and Monitoring
• Web - Server-Side Request Forgery - Server-Side Request Forgery (SSRF)

• C# (.NET) Core
• Java Spring
• JavaScript Node.js (Express)
• Python Django

How to create a Storyline course

Storyline is listed as one of the available course templates. Please read How to Create a Course for more details. 

Related Links:

• How to Create a Course
• How to Edit a Course