Course essentials
Boot camp at a glance
-
Method
Online, in-person, team onsite
-
Duration
5 days
-
Experience
1-3 years
-
Average salary
$157,400
What you'll learn
Training overview

This immersive mobile and web application penetration testing training equips you with the knowledge and expertise to perform thorough assessments of applications and effectively mitigate potential security risks. By completing this course, you will:
- Identify vulnerabilities: Develop the skills to identify and exploit vulnerabilities in mobile and web applications, including common weaknesses such as injection attacks, cross-site scripting (XSS) and security misconfigurations.
- Get hands-on experience: Learn how to demonstrate common vulnerabilities found in a web or mobile app. Assess and exploit the app, then use remediation steps to help close the security hole.
- Understand different application frameworks: Learn how to perform static and dynamic analysis of iOS and Android apps using popular tools to find vulnerabilities in source code, exploit weaknesses in implementing mobile security controls and more.
- Prepare for industry certification: Leave fully prepared to pass the Certified Mobile and Web Application Penetration Tester (CMWAPT) exam.
By the end of the Mobile and Web Application Penetration Testing Boot Camp, you will have the confidence and skills to perform comprehensive security assessments of mobile and web applications, helping organizations identify and mitigate vulnerabilities.
Award-winning training you can trust
What's included
Everything you need to know

- 90-day extended access to Boot Camp components, including class recordings
- 100% Satisfaction Guarantee
- Exam Pass Guarantee
- Exam voucher
- Free 90-day Infosec Skills subscription (access to 1,400+ additional courses and labs)
- Knowledge Transfer Guarantee
- Onsite proctoring of exam
- Pre-study learning path
- Unlimited practice exam attempts
Before your boot camp
Prerequisites
Prior to enrolling in the Mobile and Web Application Penetration Testing Training Boot Camp, you must have:
- Familiarity with penetration testing concepts
- At least one year in an information security role or equivalent experience. This is recommended to be prepared for the CMWAPT exam.
Syllabus
Training schedule
Web application pentesting
- Setting up a web application pentesting platform
- Installing vulnerable apps
- Burp Suite basics
- Analyzing the attack surface
- Cross-site scripting (XSS)
- HTML injection
- And much more
iOS exploitation
- iOS security model
- App signing, sandboxing and provisioning
- Finding URL schemes
- Broken cryptography
- Code obfuscation techniques
- And much more
Android exploitation
- Android security architecture
- Android application structure
- Attack surfaces for Android applications
- Exploiting local storage
- Exploiting weak cryptography
- And much more
Guaranteed results
Our boot camp guarantees

Exam Pass Guarantee
If you don’t pass your exam on the first attempt, get a second attempt for free. Includes the ability to re-sit the course for free for up to one year (does not apply to CMMC-AB boot camps).

100% Satisfaction Guarantee
If you’re not 100% satisfied with your training at the end of the first day, you may withdraw and enroll in a different online or in-person course.

Knowledge Transfer Guarantee
If an employee leaves within three months of obtaining certification, Infosec will train a different employee at the same organization tuition-free for up to one year.
Unlock team training discounts
If you’re like many of our clients, employee certification is more than a goal — it’s a business requirement. Connect with our team to learn more about our training discounts.

FAQ
Frequently asked questions
What is web and mobile application penetration testing?
Web and mobile application penetration testing is a security assessment technique to identify vulnerabilities and security weaknesses. It involves simulating real-world attacks on mobile and web applications to assess their security posture and uncover potential vulnerabilities that could be exploited by attackers.
How is penetration testing different from ethical hacking?
While the terms “ethical hacking” and “penetration testing” are often used interchangeably, there are a few details that differentiate the two. Penetration testing is a procedure to discover vulnerabilities in an information system — mimicking the methods of hackers attempting to compromise secure information. Ethical hacking is more of an umbrella term that encompasses all hacking methods, including pentesting. Read our article, Ethical hacking vs. penetration testing, for more information about the differences between these terms.
What hardware and software is needed to complete the Mobile and Web App Pentesting Boot Camp?
None! All the necessary software and free tools will be provided during training.
How has the penetration testing industry grown in recent years? Has the need for penetration testing skills changed in the last five or 10 years?
The biggest change in the pentesting industry has been the rapid increase in mobile and web application use and development. Accomplished penetration testers today are required to know the ins and outs of both the Android and iOS platforms to identify vulnerabilities and threats. As technology continues to advance, the tools and techniques penetration testers utilize will continue to evolve as well.
You're in good company
I highly recommend this web application penetration testing course. The practical exercises and hands-on labs provided valuable insights into real-world scenarios. The instructors were knowledgeable and supportive throughout the training.
Jennifer, IT Security Professional
The course materials were comprehensive, and the labs allowed me to practice various penetration testing techniques on web applications. The instructors shared their expertise and provided practical tips for securing web applications effectively.
David, Software Developer
This course provided a solid foundation in web application penetration testing. The hands-on labs were challenging, and the instructors were excellent in explaining complex concepts. I feel confident in my ability to assess and secure web applications after completing this training.
Sarah, Cybersecurity Analyst
Enroll in a boot camp
Explore our top boot camps
More learning opportunities
-
Most popularBoot camp
CompTIA Security+ Training Boot Camp
Infosec’s CompTIA Security+ Boot Camp teaches you information security theory and reinforces that theory with hands-on exercises to help you learn by doing. You’ll learn how to configure and operate many different technical security controls — and leave prepared to pass your Security+ exam.
Learn More
-
#1 FOR BEGINNERSBoot camp
Cisco CCNA Associate & CyberOps Associate Training Boot Camp with Dual Certification
Infosec’s authorized CCNA Dual Certification Boot Camp helps you build your knowledge of networking and provides hands-on experience installing, configuring and operating network devices — all while preparing you to earn two Cisco certifications.
Learn More
-
Most requestedBoot camp
(ISC)² CISSP® Certification Training and Boot Camp
Take your career to the next level by earning one of the most in-demand cybersecurity certifications. Infosec’s CISSP training provides a proven method for mastering the broad range of knowledge required to become a Certified Information Systems Security Professional.
Learn More