Web Application Hacking and Defense


This training focuses on providing you hands-on experience of real-world web attacks. You will learn the most common threats against web applications and updated advanced web application exploitation techniques. Throughout the training, you will be exposed to how web application vulnerabilities can be exploited and learn to conduct web application risk assessment and penetration testing. This web application security training will help you to master the key concepts in website security, the OWASP top 10 web vulnerabilities and beyond.



Security Assessment With Analysis Report
No other training provider did this before, we are the FIRST! Prior the training, our security engineers will conduct a web application security assessment and provide a security analysis report on your web application.

Understand Your Web Application
You will get a clear understanding on the security and the hidden risks of your web application.

During the training

Hands-on Session
You will learn and improve your technical skills to test and secure a web application.

You will have the opportunity to focus and get professional consultation from trainer based on the challenges you face in the security analysis report on your web application.

Live Hacking and Penetration Testing Session
You will practice and sharpen your skills by applying it in the live web application hacking session.


Skills Application
You will be able to understand and fix the vulnerabilities of your web application listed in the security analysis report.

Master Web Application Security
You will be able to master advanced techniques to secure and conduct security assessment and penetration testing on web application.

Course Outline

Module 1: Introduction to Web Application Penetration Testing

Module 2: Web Application Architecture and Development

Module 3: HTTP Basics

Module 4: Information Gathering

Module 5: Mastering Burp Suite

Module 6: Injection

Module 7: Broken Authentication

Module 8: Sensitive Data Exposure

Module 9: XML External Entities (XXE)

Module 10: Broken Access Control

Module 11: Security Misconfiguration

Module 12: Cross-Site Scripting (XSS)

Module 13: Insecure Deserialization

Module 14: Using Components with Known Vulnerabilities

Module 15: Insufficient Logging & Monitoring

Module 16: Recommended Tests

Module 17: Introduction to Secure Coding

Learning Outcome

• Enable you to understand and communicate the web application security risks associated with hacking and other exploits
• Discover real-world web application hacking techniques and countermeasures
• Sharpen up your technical skills and learn to fix the web application vulnerabilities
• Learn to perform a web application security risk assessment and penetration testing to evaluate web application security threats and possible exploits
• Enable you to develop and design a secure web application
• Enable you to tackle real-life scenarios and apply new skills to the job with ease

Exam Details

Number of Questions: 1 Web Application
Passing score: 70%
Test Duration: 85 mins Exam + 5 mins NDA
Test Format: Multiple Choice
Test Delivery: Condition Zebra Test Center
Exam Prefix: CZ200

Who Should Attend

• Web Application Developers or Architects
• Web Security Professionals
• Development Managers
• Penetration Testers
• Application Security Analysts
• Information Security Professionals
• And Anyone who is Responsible For Web Application Security, Data Protection or Tasked With Building Secure Web Applications


4 Days

Web Application Hacking and Defense


Ready to get started?

Get in touch, or sign up now!