00 — Overview

Race Conditions

Learn how sending simultaneous requests exploits TOCTOU flaws — redeeming coupons multiple times, buying out-of-stock items, and bypassing rate limits.

Intermediate·45 min·5 tasks

// By the end of this module

→Understand TOCTOU vulnerabilities and why timing creates exploitable windows

→Exploit race conditions to bypass single-use limits and discount codes

→Use concurrent requests to trigger double-spend and limit bypass

→Detect race condition vulnerabilities in transactional endpoints

// Prerequisites

Foundation · Beginner

How the Web Works

45 min

→

Foundation · Beginner

APIs & Modern Web Apps

35 min

→