00 — Overview

Cryptographic Failures

Passwords stored in plaintext, sensitive data sent over HTTP, weak encryption keys, MD5 where bcrypt should be. Learn what goes wrong when applications mishandle cryptography.

Beginner·40 min·5 tasks

// By the end of this module

→Identify when sensitive data is transmitted or stored without encryption

→Recognise weak or outdated cryptographic algorithms (MD5, SHA-1, DES)

→Understand why HTTPS alone does not protect against all crypto failures

→Find cleartext secrets in headers, cookies, and API responses

// Prerequisites

Foundation · Beginner

How the Web Works

45 min

→

Foundation · Beginner

How Authentication Works

35 min

→