Study any time, from any device.

Become a Certified Mobile and Web App Penetration Tester (CMWAPT)

The Certified Mobile and Web App Penetration Tester (CMWAPT) certification path teaches you the skills, tools and techniques required for conducting comprehensive security tests of mobile and Web applications.

9 courses  //   48 videos  //   5 hours of training

Certified Mobile and Web App Penetration Tester (CMWAPT) training

This learning path builds your penetration testing skills and prepares you to earn your Certified Mobile and Web App Penetration Tester (CMWAPT) certification. As you progress through nine courses tied to the CMWAPT exam domains, you’ll build your skills around using pentesting methodologies and tools to attack Web and mobile apps and assess their security. Upon completion, you’ll be prepared to earn your CMWAPT certification and validate your pentesting knowledge.

Learning path components

CMWAPT Practice Exam
Practice Exam
CMWAPT Practice Exam

CMWAPT Practice Exam

Prepare for your CMWAPT exam and test your domain knowledge.

Number of questions: 50

Introduction to Web Application Pentesting
Course
Introduction to Web Application Pentesting

Introduction to Web Application Pentesting

Begin your pentesting path with this foundational introduction to Web application pentesting, covering common threats, methodologies and more.

3 videos
19 minutes of training

Target Identification and Application Mapping
Course
Target Identification and Application Mapping

Target Identification and Application Mapping

Take a closer look at target identification and application mapping with this course covering service identification, core defense mechanisms and more. Includes vocabulary and tools.

6 videos
55 minutes of training

Attacking Web Application Access Controls
Course
Attacking Web Application Access Controls

Attacking Web Application Access Controls

Learn to attack web application access controls with this course on attacking access control, attacking authentication, attacking session management and more.

4 videos
28 minutes of training

Injection Attacks
Course
Injection Attacks

Injection Attacks

Learn what you need to know about injecting code or SQL queries into vulnerable applications in order to circumvent access controls. Includes vocabulary and examples.

2 videos
20 minutes of training

Common Attack Methods
Course
Common Attack Methods

Common Attack Methods

Think like a hacker with this course on common attack methods used for pentesting, including attacking Web services, cross-site scripting and exploiting logic flaws.

8 videos
37 minutes of training

Introduction to iOS App Pentesting
Course
Introduction to iOS App Pentesting

Introduction to iOS App Pentesting

Get an introduction to iOS app pentesting with this course covering analyzing an iOS app, binary analysis, iOS app security measures and more.

5 videos
34 minutes of training

iOS App Pentesting Tools and Techniques
Course
iOS App Pentesting Tools and Techniques

iOS App Pentesting Tools and Techniques

Be ready for action with this course on iOS app pentesting tools and techniques. Covers runtime manipulation, insecure data storage, broken cryptography and other ways to get into a target system.

8 videos
44 minutes of training

Introduction to Android App Pentesting
Course
Introduction to Android App Pentesting

Introduction to Android App Pentesting

Prepare for the challenge of Android app pentesting with this introductory course covering reversing Android applications, Drozer and more.

5 videos
20 minutes of training

Android App Pentesting Tools and Techniques
Course
Android App Pentesting Tools and Techniques

Android App Pentesting Tools and Techniques

Dive deeper into Android app pentesting with this course on Android app pentesting tools and techniques. Includes vocabulary, walkthroughs and a close look at the Frida pentesting toolkit.

7 videos
31 minutes of training

 

What you’ll learn.

The CMWAPT certification exam covers eight domains:

  • Mobile and Web application pentesting process and methodology
  • Web application vulnerabilities
  • Web application attacks
  • Android application components
  • Android application attacks
  • iOS application components
  • iOS application attacks
  • Secure coding principles

Who is this for?

A familiarity of penetration testing concepts and a Security+ certification, or equivalent knowledge, are recommended.

This certification path is designed for:

  • Penetration testers
  • Cybersecurity consultants
  • Application developers
  • Web administrators
  • Anyone with a desire to get certified in pentesting mobile and Web applications!

You're in good company

"Comparing Infosec to other vendors is like comparing apples to oranges. My instructor was hands-down the best I’ve had." 

James Coyle

FireEye, Inc.

"I knew Infosec could tell me what to expect on the exam and what topics to focus on most."

Julian Tang

Chief Information Officer

"I’ve taken five boot camps with Infosec and all my instructors have been great."

Jeffrey Coa

Information Security Systems Officer