Free OSWA Mock Exam – Practice Online Confidently

Increase your chances of passing the OffSec OSWA exam questions on your first try. Practice with our free online OSWA exam mock test designed to help you prepare effectively and confidently.

Exam Code: OSWA
Exam Questions: 180
OffSec Web Assessor (OSWA)
Updated: 14 Jul, 2026
Question 1

Developer says “we sanitize server output.” You suspect a DOM sink. Which minimal probe best surfaces a client-side sink without server reflection?

Options :
Answer: C

Question 2

You gain SELECT access via SQLi on MySQL. You want SUPER privileges.

What technique applies?

Options :
Answer: D

Question 3

You want to enumerate hidden admin panels on https://corp.example/ while avoiding common noise. Requirements:

Ignore responses with status codes 302 and 403.

Match only responses containing “Admin” or “Control Panel” (case-insensitive).

Randomize User-Agent each request from ua.txt.

Throttle requests to bypass rate-limiting.

Which ffuf command lines satisfy all requirements? (Select all that apply)

Options :
Answer: C

Question 4

You want to enumerate hidden admin panels on https://corp.example/ while avoiding common noise. Requirements:

Ignore responses with status codes 302 and 403.

Match only responses containing “Admin” or “Control Panel” (case-insensitive).

Randomize User-Agent each request from ua.txt.

Throttle requests to bypass rate-limiting.

Which ffuf command lines satisfy all requirements? (Select all that apply)

Options :
Answer: C

Question 5

* * * * * tar -czf /root/backup.tar /home/user/*

Which filenames trigger escalation? (Select all that apply)

Options :
Answer: A,B

Viewing Page : 1 - 18
Practicing : 1 - 5 of 180 Questions

© Copyrights FreeMockExams 2026. All Rights Reserved

We use cookies to ensure that we give you the best experience on our website (FreeMockExams). If you continue without changing your settings, we'll assume that you are happy to receive all cookies on the FreeMockExams.