Welcome to OpSecX

View Courses




Automated Mobile Application Security Assessment with MobSF

Automated Mobile Application Security Assessment - MAS

by Ajin Abraham 24 Lessons $49.00 $20.00

Mobile Application market is growing like anything and so is the Mobile Security industry. With lots of frequent application releases and updates happening, conducting the security analysis of mobile applications becomes time consuming mainly because of the overheads in setting up and maintaining a mobile application testing environment. This course will introduce an extendable web framework called MobSF for Automated Security analysis of Mobile Applications.

OpSecX WebSecNinja: Lesser Known WebAttacks

WebSecNinja: Lesser Known WebAttacks - WSN

by Ajin Abraham 23 Lessons $99.00 $60.00

WebSecNinja: Lesser Known WebAttacks is a brand new and unique web security course that takes the learner to the next level of web security. A perfect blend of latest and lesser known web attacks that are explained with ultimate details and accompanied by demos and how tos that you can apply in real world red-team pentesting and security assessments. The course curriculum is designed to include web attacks and techniques that are not much documented in books, courses and elsewhere.

XSSing JavaScript-MVC Applications -XJA

XSSing JS-MVC Applications - XJA

by Bharadwaj Machiraju 12 Lessons $80.00 $40.00

The main objective of is to bring students up to speed with various security aspects of interfaces developed using JavaScript Model-View-Controller ideology. This course is in no way related to finding bypasses in the core frameworks, but more related to finding vulnerabilities in the applications developed by improper usage of these otherwise perfect frameworks. This is a deep dive course where the students will be building userscripts to dynamically hook into different templating engines to fuzz for Cross Site Scripting vulnerabilities.

What people say


  • Windows Exploit Development Megaprimer – WXP

    Recently I finished a course from offensive security (PWK.) It was great, but the exploit part just touched on the subject of software exploitation. That’s when I found Ajin Abraham’s Udemy course. It’s pretty amazing. It pretty much starts where PWK ends on exploit creation. This course is advanced, IMO. Ajin walks users through a deep dive of exploit creation – topics including: DEP mitigation, Egg Hunter creations, SEH handling and more. It’s well worth the price and I look forward to more courses from the author.

    Brian Warner
  • Cross Site Scripting (XSS) Attacks for Pentesters – XFP

    A+ for this course. I watched it once and now I am going through it trying all the demos.

    Joseph Inverar
  • Node.js Security: Pentesting and Exploitation – NJS

    This course seemed rushed. The content – while not bad – does not seem particularly well aligned with the title and is more or less a brief survey on Node.js app sec issues. Topics should be explained better. Demos should be expanded and explained (with impact made clear). etc.

    Dan Anderson
  • Automated Mobile Application Security Assessment with MobSF – MAS

    It was indeed a good session and case studies at the end helped relating things