Sanitize User Input for Go Applications

In this lab, you’ll practice identifying and mitigating common web vulnerabilities in a Go application. When you’re finished, you’ll have a secured Go web application demonstrating best practices against SQL Injection, XSS, and CSRF.

Path Info

Level: Beginner
Duration: 1h 20m
Last updated: Aug 05, 2025

Table of Contents

  1. Challenge

    Getting Started in the Lab Environment

    Here are the initial instructions and explanation of the lab environment. Read this while your environment is busy creating itself from nothing. Yes, this violates physics; we know. How fun!

  2. Challenge

    Understanding SQL Injection

    Learn the fundamentals of SQL Injection, one of the most critical web vulnerabilities. This challenge covers how attackers exploit insecure code to manipulate database queries, the different types of SQLi attacks, and their potential impact on your application.

  3. Challenge

    Uncovering and Patching SQL Injection in Go

    Exploit an SQL Injection vulnerability in the Globomantics CRM to bypass authentication. You will then review the insecure code and learn how parameterized queries are used to effectively prevent SQL injection attacks.

  4. Challenge

    Knowledge Check: SQL Injection

    Assess your understanding of SQL Injection. This quiz will test your knowledge of SQL injection (SQLi) concepts.

  5. Challenge

    Understanding Cross-Site Scripting (XSS)

    Discover the mechanics of Cross-Site Scripting (XSS), a vulnerability that targets application users. This challenge explains how attackers inject malicious scripts into trusted websites, the differences between Stored, Reflected, and DOM-based XSS, and the risks.

  6. Challenge

    Demonstrating and Mitigating Cross-Site Scripting (XSS)

    Exploit a Cross-Site Scripting (XSS) flaw in Globomantics CRM's feedback section by injecting a malicious script. You will then analyze the insecure code and review how Go's html/template package is used to encode user output and properly neutralize the threat.

  7. Challenge

    Knowledge Check: Cross-Site Scripting

    Test your knowledge of Cross-Site Scripting.

  8. Challenge

    Understanding Cross-Site Request Forgery (CSRF)

    Learn about Cross-Site Request Forgery (CSRF), the one-click attack that tricks users into performing unintended actions. This challenge covers the mechanics of how CSRF abuses a user's authenticated session and the standard defense against it.

  9. Challenge

    Protecting Against Cross-Site Request Forgery (CSRF) in Go

    Demonstrate a Cross-Site Request Forgery (CSRF) attack on an unprotected Globomantics CRM endpoint. You'll use a malicious page to force an unintended approval, then review anti-CSRF tokens in the Go app to secure the financial transaction.

  10. Challenge

    Knowledge Check: Cross-Site Request Forgery

    Assess your understanding of Cross-Site Request Forgery.

Sahil Gupta is highly skilled in Product Security, specializing in DevSecOps and Application Security. They are passionate about enhancing security posture & delivering robust and secure solutions.

What's a lab?

Hands-on Labs are real environments created by industry experts to help you learn. These environments help you gain knowledge and experience, practice without compromising your system, test without risk, destroy without fear, and let you learn from your mistakes. Hands-on Labs: practice your skills before delivering in the real world.

Provided environment for hands-on practice

We will provide the credentials and environment necessary for you to practice right within your browser.

Guided walkthrough

Follow along with the author’s guided walkthrough and build something new in your provided environment!

Did you know?

On average, you retain 75% more of your learning if you get time for practice.