100% Free OffSec OSWA Practice Test Questions and Answers 2026

Start Learning with the Latest and Real 100% Free OffSec OSWA Exam Questions

Page: 1 / 36

Total 180 Questions | Updated On: May 21, 2026

Add To Cart

Question 1

You inject payload:Which vulnerability chain is demonstrated?

A : Stored XSS → CSRF with session context

B : SQLi → Privilege escalation

C : CSRF → XSS → DoS

D : IDOR → XSS → CSRF

Answer: A

Question 2

Developer says “we sanitize server output.” You suspect a DOM sink. Which minimal probe best surfaces a client-side sink without server reflection?

A :

B :

C :

D :

Answer: C

Question 3

A healthcare portal blocks standard CSRF submissions, but accepts GET requests with sensitive parameters. You need to trick a logged-in doctor into issuing a prescription refill.Which payload works best?

A :

B :

C : Both A and B

D : Neither

Answer: C

Question 4

What’s the most reliable exploit?

A :

B :

C :

D :

Answer: D

Question 5

A user has sudoedit rights on /etc/exports via sudoedit /etc/exports.How can you escalate to root?

A : Use sudoedit to add a line that gives root passwordless SSH access.

B : Use sudoedit to replace /etc/exports with a file that is parsed by a privileged process to execute commands (e.g., systemd or startup scripts).

C : Use sudoedit to replace /etc/exports with a file that is parsed by a privileged process to execute commands (e.g., systemd or startup scripts).

D : Use sudoedit to write a file in /etc/cron.d/ by using a symlink trick while the editor runs as root.

Answer: C

Page: 1 / 36

Total 180 Questions | Updated On: May 21, 2026

Add To Cart