Security TestingWeb UIAdvanced30-45 min

Google Gruyere - Web security exploration

Scenario

You are exploring an intentionally vulnerable web security lab. Focus on identifying categories of security tests: authentication, authorization, unsafe input handling, stored content, request tampering, and data exposure.

Lab workspace

Google Gruyere

Intentionally vulnerable web security lab

Open the third-party practice site in a new tab, test the target flow there, then return here to organize your notes and submit your answer. We do not embed external sites.

1Open the external practice site
2Explore the target flow
3Write your testing notes
4Submit answer and compare with senior QA feedback

Focus areas

Auth boundariesPrivate contentStored inputRequest tamperingSafe errors

Suggested timebox: 30-45 min

Testing notes

Use this while exploring the external site. These notes are saved locally in your browser.

What would you test?

When you are ready, summarize what you would test below.