Web hacking is okay, even if it's your first time. From basics to practical skills, an introductory web security course where you learn like a hacker.
251 learners
Level Basic
Course period Unlimited
Reviews from Early Learners
5.0
고광우
I will describe the pros and cons. This review was written after completing only the problems within the lecture content, without solving the CTF problems. [Pros] 1. Problems can be solved through a stable web environment. -> Previously, users had to set up environments individually using virtual machine images, which often led to environment-specific issues that prevented even attempting the problems. Knock-on has solved this issue through its problem-solving LMS. 2. Active community (Discord) -> Technical support for resolving issues encountered during problem-solving was extremely fast and satisfying thanks to active communication on Discord. -> I am especially grateful to yeonwoo and hongsam3 for their generous advice and support. 3. Web vulnerability problems across various fields -> While other environments often focus heavily on XSS or SQL Injection, Knock-on was great because it provided exposure to diverse environments and problems (e.g., SSTI, Race Condition, etc.). [Cons] 1. I wish there were higher difficulty problems for SQL Injection. -> For example, it would be good to have problems with a difficulty level where you have to extract table and column names one by one using Blind SQL Injection from SQL metadata (e.g., information_schema.schemata in MySQL). 2. (The biggest issue) The text in the solution videos was too small to see clearly, making it difficult to follow the problem-solving screen. I hope there is a review process before uploading solution videos.
5.0
사이버보안기능반
It was beneficial because I could have fun learning while obtaining flags through the hands-on practice! ^^
5.0
김도원
It was a great curriculum that helped organize the scattered web hacking knowledge I had studied. I especially liked being able to resolve my questions through Discord. I hesitated to make the purchase, but it was a purchase I don't regret. Thank you.
Practical web hacking techniques used from CTF to the real world
Various Web Hacking Techniques and Practices
Understanding HTTP structure, cookies/sessions, and learning authentication bypass scenarios
Gain practical experience by solving simple CTF problems yourself.
Who is this course right for?
Those who are interested in web hacking but don't know how to get started
Beginners who want to learn by practicing exploit attacks.
Those who have experienced getting stuck while studying alone
Those who are not security majors but want to take on the challenge of hacking
Aspiring hackers preparing for CTF or Bug Bounty programs
Need to know before starting?
A basic understanding of HTML/CSS or how the web works.
Experience using very simple Linux commands
Basic structure of C or Python
As long as you have an interest in hacking and a willingness to learn, you're good to go!
806
Learners
86
Reviews
50
Answers
4.9
Rating
5
Courses
Hello! We are knockOn, a company of hackers.
Instagram : https://www.instagram.com/knockon_official/
Our company was established to resolve the concerns of beginners feeling lost in hacking, developers wanting to gain security knowledge, and students majoring in the field who wish to pursue a career in security.
Students who want to get into hacking often find themselves asking questions like, "Do I need to start with coding first?", "How much do I need to know?", or "How does hacking actually work?" Many also have a simple fascination with it, thinking, "Hacking looks so cool—maybe I should give it a try." Our goal is to provide lectures that resolve these uncertainties and help students take their first steps into the field, turning that initial curiosity into real-world skills.
I believe many developers who want to gain security knowledge start studying because of the anxiety that their websites or services might be hacked, or to gain a competitive edge for landing a job at a better company. For these individuals, we conduct our lectures with the goal of providing compact, short, and high-density content.
I believe students majoring in this field who want to pursue a career in security likely feel the most overwhelmed. This is because school classes don't provide sufficient knowledge of security, and there are no specialized educational institutions available. It is extremely difficult to handle this on your own, so we are conducting these lectures to help you experience various security roles (penetration testing, red teaming, freelancing, etc.) and assist you in deciding on a specific career path.
With a curriculum that has produced security team members for major corporations such as Kakao, Baedal Minjok, and NCSoft, we have structured the course to guide students step-by-step from basic C programming to advanced hacking, ensuring that even those with zero prior knowledge of computer science can follow along.
All
78 lectures ∙ (5hr 49min)
Course Materials:
All
38 reviews
5.0
38 reviews
Reviews 1
∙
Average Rating 5.0
Reviews 5
∙
Average Rating 5.0
Reviews 1
∙
Average Rating 5.0
5
It was a great curriculum that helped organize the scattered web hacking knowledge I had studied. I especially liked being able to resolve my questions through Discord. I hesitated to make the purchase, but it was a purchase I don't regret. Thank you.
Thank you so much for leaving a review! 😊 As the person who designed the curriculum, it’s incredibly rewarding to hear that you felt your scattered web hacking knowledge finally came together. ㅎㅎ I think it was even better because you made great use of the Discord for questions, and I’m so glad to hear you don’t regret your purchase. I will continue to provide lectures that help you in your learning journey. Thank you!
Reviews 1
∙
Average Rating 5.0
5
It was beneficial because I could have fun learning while obtaining flags through the hands-on practice! ^^
Thank you for the great review! I'm really proud to hear that you enjoyed the process of obtaining flags through hands-on practice. After all, the experience of diving in and doing it yourself seems to stick with you the longest. I hope you continue to enjoy growing in your studies just as you are now. I'll be rooting for you! 🙂
Reviews 17
∙
Average Rating 4.8
5
I will describe the pros and cons. This review was written after completing only the problems within the lecture content, without solving the CTF problems. [Pros] 1. Problems can be solved through a stable web environment. -> Previously, users had to set up environments individually using virtual machine images, which often led to environment-specific issues that prevented even attempting the problems. Knock-on has solved this issue through its problem-solving LMS. 2. Active community (Discord) -> Technical support for resolving issues encountered during problem-solving was extremely fast and satisfying thanks to active communication on Discord. -> I am especially grateful to yeonwoo and hongsam3 for their generous advice and support. 3. Web vulnerability problems across various fields -> While other environments often focus heavily on XSS or SQL Injection, Knock-on was great because it provided exposure to diverse environments and problems (e.g., SSTI, Race Condition, etc.). [Cons] 1. I wish there were higher difficulty problems for SQL Injection. -> For example, it would be good to have problems with a difficulty level where you have to extract table and column names one by one using Blind SQL Injection from SQL metadata (e.g., information_schema.schemata in MySQL). 2. (The biggest issue) The text in the solution videos was too small to see clearly, making it difficult to follow the problem-solving screen. I hope there is a review process before uploading solution videos.
Thank you so much for taking the time to write such a thoughtful review, detailing both the pros and cons. I read through every point carefully. First of all, thank you for your positive feedback on the LMS-based web environment and the Discord community. I designed the system so that students could focus entirely on problem-solving without the unnecessary stress of setting up environments, and I’m glad that intention came through. I also appreciate your kind words regarding the communication and support on Discord; I will be sure to pass your compliments along to the individuals you mentioned. I also strongly agree with your point about the benefit of experiencing a wide range of web vulnerabilities—such as SSTI and Race Condition—rather than being limited to just XSS and SQLi. My goal was to broaden the scope of what students might encounter in real-world scenarios, and it seems that direction was well-received. Regarding the drawbacks you mentioned, I believe they are all very valid points. I plan to actively incorporate high-difficulty SQL Injection challenges (especially those involving Blind-based metadata extraction) into future advanced tracks or as additional problems. I agree that we need "endurance-testing problems" rather than just simple bypasses. The issue with the font size in the solution videos is also very important feedback. Since you highlighted it as the biggest issue, I will ensure that all future uploads undergo a much stricter pre-check for resolution, scaling, and readability. A review written from such a detailed and technical perspective is incredibly helpful for improving the course. Thank you once again, and I will strive to provide even better content in future sessions! :)
Check out other courses by the instructor!
Explore other courses in the same field!
$127.60
