Web Application Penetration Testing Online Training

While some security courses may brush over application security, or cover the security of small-scale “demo” applications, Infosec concentrates on the latest attacks against modern web applications.

Award Winning Training

For 17 years InfoSec has been one of the most awarded and trusted IT training vendors - 42 industry awards!

Exam Pass Guarantee

We offer peace of mind with our Exam Pass Guarantee for Flex Pro students.

Analysts Recommended

IDC lists Infosec as Major Player in their Security Training Vendor Assessment.

Course Overview

Infosec’s award winning Web Application Penetration Testing Boot Camp focuses on preparing students for the real world of Web App Pen Testing through extensive lab exercises thought provoking lectures led by an expert instructor. We review of the entire body of knowledge as it pertains to web application pen testing through a high-energy seminar approach.

Infosec offers this award winning Web Application Penetration Testing program to train and prepare IT Security Professionals.

The highlights of this course include:

  • Learn the Secrets of Web App Pen Testing in a totally hands-on classroom environment
  • Learn how to exploit and defend real-world web apps – not just silly sample code
  • Complete the 83 Step “Web App Pen Test Methodology”, and bring a copy back to work with you
  • Understand how to find Vulnerabilities in Source Code
  • Take home a fully featured Web App Pen Test Toolkit
  • Learn how perform OWASP Top 10 Assessments – for PCI DSS compliance
  • Leave Certified – IACRB CWAPT (Web Application Penetration Tester) Exam delivered on-site

Intensive Hands-On Training:

The Web Application Penetration Testing course from Infosec is a totally hands-on learning experience. From the first day to the last day, you will learn the ins and outs of Web App Pen Testing by attending thought provoking lectures led by an expert instructor. Every lecture is directly followed up by a comprehensive lab exercise (we also set up and provide lab workstations so you don’t waste valuable class time installing tools and apps).

Typical lab exercises consist of a real-world app that demonstrates a vulnerability commonly found in a web app. You learn how to assess the app much as a black hat hacker would, exploit the app so that you can demonstrate the true risk of the vulnerability to the application owner. This can involve taking control of the application itself, downloading data the application stores, or potentially using the app as a launching pad to attack unsuspecting visitors with a malicious script. Finally, the lab will follow up with remediation steps so that the application owner can properly close down the security hole for good.

Up To Date, Current, Courseware

The threat landscape for Web Applications changes on a near continuous basis. Bad guys wishing to attack your applications know that they need to stay ahead of the curve in order to get in. For this reason, Infosec continuously updates our Web App Pen Testing courseware to cover the latest and greats threats, exploits and mitigation strategies.

Expert Instruction

Infosec instructors that teach the Web App Pen Testing course are highly seasoned and have years of in the field pen testing experience. Not only are they active in the field of pen testing, they are industry-recognized experts that present at conferences such as DEFCON, Black Hat Briefings, RSA Security. Many of our instructors have authored some of the top Penetration Testing books on the market today.

This hands-on course teaches you:

  1. The fundamentals of modern Application Security on both .Net and Java platforms
  2. Application security threats and assessment/attack techniques
  3. The latest threats to Web Services and AJAX-enabled applications

Web Application Penetration Testing Boot Camp

Rated 4.8/5 based on 27 customer reviews

Award-winning training that you can trust.

G2 Crowd High Performer

Technical Skills Development Software

Outstanding Partnership Award

Gold Winner

Best Cybersecurity Education Provider

Publisher's Choice

Security Training for Infosec Professionals

Top 20 Company

IT Training

View Pricing

We will never share any of your information, spam you or annoy you with pushy sales pitches.

Web App Topics & Labs

    Infosec has only the highest quality instructors, with deep background in Application Security. Our instructors are actively involved in the Application Security community. They have authored several books on the subject, spoken at various industry conferences, and are considered subject matter experts.

    • Secure Programming Throughout the Application Development Lifecycle
    • Confronting Flawed Input Data
    • Implementation Best Practices
    • Source code analysis scanning software
    • Code Origin Access Control Methods
    • Network Transmission Security with the JSSE API/SSL
    • WS Security, XKMS, and WS-I Basic security profile
    • SecureXML Libraries
    • Privilege Escalation Opportunities
    • Race Conditions
    • Cross Site Scripting Injection
    • .Net Secure Remoting
    • Windows Forms Security
    • SQL Server: Exploitation and Defense
    • Fault Injection and Fuzzing
    • Java security managers, policy files, and JAAS
    • ASP.NET Security
    • XOR, Base64 and Garbage Data Obfuscation
    • Securely Maintaining Session State – Best Practices
    • Session fixation
    • Advanced SQL Injection
    • Oracle PL/SQL Injection
    • .Net Security tokens, XML signature, XML canonicalization, and XML encryption
    • Net WS-Trust and WS-Secure Conversation
    • Error Control Verbosity Abuse

    Our Major Clients

    Book your course

      What Our Students Are Saying

      Without any question, InfoSec has the most gifted individual instructors. Our instructor for this class was both an excellent educator and a premier/world class security expert. He was able to clearly explain and impart to the students, the most complicated security techniques I have ever heard of or imagined. I simply can not find the words to recommend him and Infosec security training more highly.

      John Hollan GE

      Advanced Ethical Hacking Training Boot Camp
      Ready to get started? Get instant pricing for this award-winning boot camp. View course pricing
      View instant course pricing