Support

Elevate Your Expertise: Learn More, Save More, and Achieve More with Our Exclusive Training Deals!

Course Summary

Learn to exploit and secure web apps using white box pentesting methods. Take our WEB-300 course and earn your Web Application Security Certification (OSWE).

• Performing advanced web app source code auditing
• Analyzing code, writing scripts, and exploiting web vulnerabilities
• Implementing multi-step, chained attacks using multiple vulnerabilities
• Using creative and lateral thinking to determine innovative ways of exploiting web vulnerabilities

The course covers the following topics.

• Cross-Origin Resource Sharing (CORS) with CSRF and RCE

• JavaScript Prototype Pollution

• Advanced Server-Side Request Forgery (SSRF)

• Web security tools and methodologies

• Source code analysis

• Persistent cross-site scripting

• Session hijacking

• .NET deserialization

• Remote code execution

• Blind SQL injection

• Data exfiltration

• Bypassing file upload restrictions and file extension filters

• PHP type juggling with loose comparisons

• PostgreSQL Extension and User Defined Functions

• Bypassing REGEX restrictions

• Magic hashes

• Bypassing character restrictions

• UDF reverse shells

• PostgreSQL large objects

• DOM-based cross site scripting (black box)

• Server-side template injection

• Weak random token generation

• XML external entity injection

• RCE via database functions

• OS command injection via WebSockets (black box)

All learners are required to have: • Comfort reading and writing at least one coding language • Familiarity with Linux • Ability to write simple Python / Perl / PHP / Bash scripts • Experience with web proxies • General understanding of web app attack vectors, theory, and practice

The WEB-300 web application security course and online lab prepares you for the OSWE certification Duration: 48-hour exam Exam type: Proctored

Following your booking, a confirmation message will be sent to all participants, ensuring you're well-informed of your successful enrollment. Calendar placeholders will also be dispatched to assist you in scheduling your commitments around the course. Rest assured, all course materials and access to necessary labs or platforms will be provided no later than one week before the course begins, allowing you ample time to prepare and engage fully with the learning experience ahead.

Our comprehensive training package includes all the necessary materials and resources to facilitate a full learning experience. Enrollees will be provided with detailed course content, encompassing a wide array of topics to ensure a thorough understanding of the subject matter. Additionally, participants will receive a certificate of completion to recognize their dedication and hard work. It's important to note that while the course fee covers all training materials and experiences, the examination fee for certification is not included but can be purchased separately.
Send as a Prefilled Cart
Request Custom Delivery

Questions About This Course?







    Other Popular Courses

    Executive Cyber Risk Certification (ECRC)
    • Duration: 2 Days
    • Language: English
    • Level: Intermediate
    • Exam: ECRC
    Select options This product has multiple variants. The options may be chosen on the product page
    See Price
    Dates & Details
    Mastering Communication & Presentation Te...
    • Duration: 4 Days
    • Language: Danish
    • Level: Intermediate
    • Exam: MCPT
    Select options This product has multiple variants. The options may be chosen on the product page
    See Price
    Dates & Details
    Next Generation Mindfulness
    • Duration: 1 Days
    • Language: English
    • Level: Foundation
    • Exam: NGM
    Select options This product has multiple variants. The options may be chosen on the product page
    See Price
    Dates & Details