Sanitize User Input for Go Applications

In this lab, you’ll practice identifying and mitigating common web vulnerabilities in a Go application. When you’re finished, you’ll have a secured Go web application demonstrating best practices against SQL Injection, XSS, and CSRF.

Lab Info
Level: Beginner
Last updated: Aug 05, 2025
Duration: 1h 20m

Table of Contents
  1. Challenge

    Getting Started in the Lab Environment

    Here are the initial instructions and explanation of the lab environment. Read this while your environment is busy creating itself from nothing. Yes, this violates physics; we know. How fun!

  2. Challenge

    Understanding SQL Injection

    Learn the fundamentals of SQL Injection, one of the most critical web vulnerabilities. This challenge covers how attackers exploit insecure code to manipulate database queries, the different types of SQLi attacks, and their potential impact on your application.

  3. Challenge

    Uncovering and Patching SQL Injection in Go

    Exploit an SQL Injection vulnerability in the Globomantics CRM to bypass authentication. You will then review the insecure code and learn how parameterized queries are used to effectively prevent SQL injection attacks.

  4. Challenge

    Knowledge Check: SQL Injection

    Assess your understanding of SQL Injection. This quiz will test your knowledge of SQL injection (SQLi) concepts.

  5. Challenge

    Understanding Cross-Site Scripting (XSS)

    Discover the mechanics of Cross-Site Scripting (XSS), a vulnerability that targets application users. This challenge explains how attackers inject malicious scripts into trusted websites, the differences between Stored, Reflected, and DOM-based XSS, and the risks.

  6. Challenge

    Demonstrating and Mitigating Cross-Site Scripting (XSS)

    Exploit a Cross-Site Scripting (XSS) flaw in Globomantics CRM's feedback section by injecting a malicious script. You will then analyze the insecure code and review how Go's html/template package is used to encode user output and properly neutralize the threat.

  7. Challenge

    Knowledge Check: Cross-Site Scripting

    Test your knowledge of Cross-Site Scripting.

  8. Challenge

    Understanding Cross-Site Request Forgery (CSRF)

    Learn about Cross-Site Request Forgery (CSRF), the one-click attack that tricks users into performing unintended actions. This challenge covers the mechanics of how CSRF abuses a user's authenticated session and the standard defense against it.

  9. Challenge

    Protecting Against Cross-Site Request Forgery (CSRF) in Go

    Demonstrate a Cross-Site Request Forgery (CSRF) attack on an unprotected Globomantics CRM endpoint. You'll use a malicious page to force an unintended approval, then review anti-CSRF tokens in the Go app to secure the financial transaction.

  10. Challenge

    Knowledge Check: Cross-Site Request Forgery

    Assess your understanding of Cross-Site Request Forgery.

About the author

Sahil Gupta is highly skilled in Product Security, specializing in DevSecOps and Application Security. They are passionate about enhancing security posture & delivering robust and secure solutions.
