Get certified, guaranteed
Everything you need to earn your CMWAPT
- 90-day extended access to Boot Camp components, including class recordings
- 100% Satisfaction Guarantee
- Exam Pass Guarantee
- Exam voucher
- Free 90-day Infosec Skills subscription (access to 1,400+ additional courses and labs)
- Knowledge Transfer Guarantee
- Onsite proctoring of exam
- Pre-study learning path
- Unlimited practice exam attempts

Award-winning training you can trust
What you'll learn
Training overview
Infosec’s Mobile and Web Application Penetration Testing Boot Camp is a practical, hands-on training focused on teaching you the skills, tools and techniques required for conducting comprehensive security tests of mobile devices and web applications.
You’ll learn the secrets of mobile and web app penetration testing in an immersive environment, including exploiting and defending web and mobile apps, performing static and dynamic analysis of iOS and Android apps using popular tools, finding vulnerabilities in source code, exploiting weaknesses in the implementation of mobile security controls and more. The boot camp also prepares you to earn the Certified Mobile and Web Application Penetration Tester (CMWAPT) certification.
Before your boot camp
Prerequisites
Familiarity with penetration testing concepts and at least one year in an information security role, or equivalent experience, is recommended.

Syllabus
Training schedule
-
Web application pentesting
-
- Setting up a web application pentesting platform
- Installing vulnerable apps
- Burp Suite basics
- Analyzing the attack surface
- Cross-site scripting (XSS)
- HTML injection
- And much more
-
-
iOS exploitation
-
- iOS security model
- App signing, sandboxing and provisioning
- Finding URL schemes
- Broken cryptography
- Code obfuscation techniques
- And much more
-
-
Android exploitation
-
- Android security architecture
- Android application structure
- Attack surfaces for Android applications
- Exploiting local storage
- Exploiting weak cryptography
- And much more
-
Guaranteed results
Our boot camp guarantees

Exam Pass Guarantee
If you don’t pass your exam on the first attempt, get a second attempt for free. Includes the ability to re-sit the course for free for up to one year (does not apply to CMMC-AB boot camps).

100% Satisfaction Guarantee
If you’re not 100% satisfied with your training at the end of the first day, you may withdraw and enroll in a different online or in-person course.

Knowledge Transfer Guarantee
If an employee leaves within three months of obtaining certification, Infosec will train a different employee at the same organization tuition-free for up to one year.
Unlock team training discounts
If you’re like many of our clients, employee certification is more than a goal — it’s a business requirement. Connect with our team to learn more about our training discounts.

FAQ
Frequently asked questions
-
Why is getting certified an important part of a career in penetration testing?
-
Earning a Penetration Testing certification can be a great way to bump your status, job title, and even pay grade! It makes you a marketable employee and you will gain a specialized skillset through the certification process that other professionals lack. Infosec’s pen-testing Boot Camp offers hands-on training about hacking and penetration testing, which will give you the expertise necessary to differentiate yourself and impress potential employers.
-
-
What career opportunities are available to penetration Testing boot camp graduates?
-
While career opportunities are defined by education, certification, years of experience and location—opportunity and the need for Ethical Hackers and Penetration Testers is rising at a significant rate. As cybersecurity threats continue to increase, the need for educated professionals in the field to identify weaknesses and prevent data breaches will grow alongside it. Click here for more information on career paths for pen-testers and related salary info.
-
-
How is penetration testing different from ethical hacking?
-
While the terms “Ethical Hacking” and “Penetration Testing” are often used interchangeably, there are a few details that differentiate the two. “Penetration testing” is a procedure to discover vulnerabilities about an information system—mimicking the methods of black hat hackers that would attempt to compromise secure information. “Ethical hacking” is more of an umbrella term that encompasses all hacking methods, including pen-testing. Click here for more information about the differences between these terms.
-
-
How does the CMWAPT examination process work?
-
The CMWAPT exam can be taken at training partner locations, proctored on-site for groups of at least 10, or taken over the internet. As a training partner, Infosec is verified to administer the exam on the 5th day of our Training session for both Flex Pro and Flex Classroom formats. The certification exam itself is a 50-question, multiple-choice test that must be completed in two hours. Any score above 70% is considered passing.
-
-
What are the renewal requirements for the CMWAPT?
-
After four years, the CMWAPT certification expires, and a renewal exam must be completed at no expense to the cert holder. Candidates up for recertification will be required to take the current version of the exam issued by the Infosec Institute.
-
-
What does this penetration testing training course provide that other offerings do not?
-
Infosec’s pass rate for Pen Testing Boot Camp participants sits at 93% – the highest in the industry! In a constantly-changing field, our experts work to keep their training up-to-date so that you can rest assured you’re receiving the highest quality training available—covering all the latest technologies.
-
-
What are CMWAPT domains?
-
The eight CMWAPT domains are as follows: Mobile and Web Application Pentesting Process and Methodology, Web Application Vulnerabilities, Web Application Attacks, Android Application Components, Android Application Attacks, iOS Application Components, iOS Application Attacks, and Secure Coding Principles.
-
-
How much programming experience is typically required to take this course?
-
The CMWAPT certification does not require students to have formal work-experience related to penetration testing. However, it is a rigorous exam and will test your ability to apply knowledge and skills in practice. We recommend you familiarize yourself with the content of each of the exam’s domains, as well as the associated tools and technology.
-
-
What are the pre-requirements to enroll in the Mobile and Web App Penetration Testing training?
-
There are no pre-requirements to enroll in this Training Boot Camp, however, we do recommend that students have a good working knowledge of networking, TCP/IP protocols, and the Linux Operating System before signing up.
-
-
What hardware and software is needed to complete the Mobile and Web App Pentesting boot camp?
-
None! All the necessary hardware and software will be provided during training.
-
-
How has the penetration testing industry grown in recent years? Has the need for penetration testing skills changed in the last 5 or 10 years?
-
The biggest change in the pen-testing industry has been the rapid increase of mobile and web application usage and development. Accomplished penetration testers today are required to know the ins-and-outs of both the Android and iOS platforms in order to identify vulnerabilities and threats. As technology continues to advance, the tools and techniques penetration testers utilize will continue to evolve as well.
-
-
Are exam vouchers included with the purchase of this course?
-
Yes, exam vouchers are included with the training, and the exam is proctored on-site during the final day of the course.
-
-
What job titles are most common for penetration testers and people who hold the Infosec Institute CMWAPT?
-
Common job titles include Penetration Tester, Security Engineer, Information Security Analyst, and many more.
-
-
What are some tips for passing the CMWAPT and other penetration testing certs?
-
We recommend enrolling in a training course like the one Infosec offers here. With a 93% certification exam pass rate, you can rest assured that we offer the best training in the industry! While studying, we recommend you budget your time accordingly so that you are familiar with each of the exam’s eight domains and can identify which topics are your weakest. Focus on the tools and technology you’ll use in real-world scenarios as a penetration tester.
-
Enroll in a boot camp
-
Exam Pass Guarantee
-
Exam Pass Guarantee
Similar boot camps
More learning opportunities
-
Most popularBoot camp
CompTIA Security+ Training Boot Camp
Infosec’s CompTIA Security+ Boot Camp teaches you information security theory and reinforces that theory with hands-on exercises to help you learn by doing. You’ll learn how to configure and operate many different technical security controls — and leave prepared to pass your Security+ exam.
Learn More
-
#1 FOR BEGINNERSBoot camp
Cisco CCNA Associate & CyberOps Associate Training Boot Camp with Dual Certification
Infosec’s authorized CCNA Dual Certification Boot Camp helps you build your knowledge of networking and provides hands-on experience installing, configuring and operating network devices — all while preparing you to earn two Cisco certifications.
Learn More
-
Most requestedBoot camp
(ISC)² CISSP® Certification Training and Boot Camp
Take your career to the next level by earning one of the most in-demand cybersecurity certifications. Infosec’s CISSP training provides a proven method for mastering the broad range of knowledge required to become a Certified Information Systems Security Professional.
Learn More