Learn Web Application Pentesting

The web application penetration testing path will cover all of the essentials for those wanting to become a web app pentester. You'll learn how to ethically emulate real-world attacks in order to discover and responsibly disclose an organization's vulnerabilities.

4 courses  //   26 videos  //   14 hours of training

Free training week — 700+ on-demand courses and hands-on labs

Web Application Pentesting training

The first course in the learning path covers workstation setup, including installation and configuration of Burp Suite with the Firefox web browser. Certificate installation and proxy configurations are covered in order to allow newcomers to start pentesting immediately. The second course makes up the bulk of this learning path and focuses on the OWASP Top Ten vulnerabilities. Many real-world vulnerabilities are showcased for each of the ten topics and various demos are given on how to solve related challenges in both OWASP Juice Shop and Portswigger’s Web Security Academy. The third course covers a variety of pentesting tools and Burp extensions such as Turbo Intruder, Intruder File Payload Generator, SQLMap and many more. The fourth course closes out the learning path with pentesting advice, a path recap and a look at the final project.

Learning path components

 

What you’ll learn.

  • OWASP Top Ten vulnerability types as they relate to pentesting
  • Tools of the trade, namely Burp Suite professional edition, SQLMap and various Burp extensions
  • How to troubleshoot issues during the process of discovering and exploiting various vulnerability types
  • Pentesting dos and don’ts
  • How to fix or prevent various vulnerability types

Who is this for?

  • Entry to intermediate-level web app pentesters
  • Those wanting to become full-time web application pentesters
  • Those who are currently in a security role but want to understand how to conduct manual pentesting rather than relying solely on scanners
  • Those wanting to improve their odds of monetizing bug bounties
  • Developers who want to understand how to create more secure applications
  • Members of corporate security teams

Train on your schedule

Personal
Teams

Infosec Skills subscription

Monthly
Annually
  • 80+ role-based learning paths (Ethical Hacking, Threat Hunting, etc.)
  • 100s of hands-on labs in cloud-hosted cyber ranges
  • Custom certification practice exams (CISSP, Security+, etc.)
  • Skill assessments
  • Infosec peer community support
  • Create custom learning paths from 100s of courses

Infosec Skills boot camp

Request a quote for pricing

 

Request Quote Browse Boot Camps
  • Exam Pass Guarantee
    If you don’t pass your exam on the first attempt, you'll get a second attempt for free. Includes the ability to re-sit the course for free for up to one year.
  • 100% Satisfaction Guarantee
    If you’re not 100% satisfied with your training at the end of the first day, you may withdraw and enroll in a different online or in-person course.
  • Live, instructor-led training (available in-person or online)
  • 90 day extended access to recordings of daily lessons
  • Certification exam voucher
  • Learn by doing with hundreds of additional hands-on courses and labs Infosec Skills Annual

Infosec Skills subscription

Annual

$599 per learner / year

Request Quote Free Team Trial
  • Team administration and reporting
  • Transferable licenses
  • 80+ role-based learning paths (Ethical Hacking, Threat Hunting, etc.)
  • 100s of hands-on labs in cloud-hosted cyber ranges
  • Custom certification practice exams (CISSP, Security+, etc.)
  • Skill assessments
  • Create and assign custom learning paths
  • Dedicated client success manager

Infosec Skills boot camp

Request a quote for pricing

 

Request Quote Browse Boot Camps
  • Team boot camp administration and reporting
  • Exam Pass Guarantee
    If you don’t pass your exam on the first attempt, you'll get a second attempt for free. Includes the ability to re-sit the course for free for up to one year.
  • 100% Satisfaction Guarantee
    If you’re not 100% satisfied with your training at the end of the first day, you may withdraw and enroll in a different online or in-person course.
  • Knowledge Transfer Guarantee
    If an employee leaves within three months of obtaining certification, Infosec will train a different employee at the same organization tuition-free for up to one year.
  • Certification exam vouchers
  • Live, instructor-led training (available onsite, in-person or online)
  • 90 days extended access to recordings of daily lessons
  • Build your team's skills with hundreds of additional hands-on courses and labs

Award-winning training that you can trust

Best Software - Highest Satisfaction

Best Software - Highest Satisfaction

Infosec Skills

Best IT Security-related Training Program

Best IT Security-related Training Program

Infosec Skills

Best Cybersecurity Education Provider & Best Security Education Platform

Best Cybersecurity Education Provider & Best Security Education Platform

Infosec Skills

Most Innovative Product - Cybersecurity Training for Infosec Professionals

Most Innovative Product - Cybersecurity Training for Infosec Professionals

Infosec Skills

Global Excellence - Cyber Security Education & Training

Global Excellence - Cyber Security Education & Training

Infosec Skills

Exceptional learning experiences powered by LX Labs cyber expertise

Infosec Skills courses and labs are powered by LX Labs — our elite team of cyber SMEs, learning specialists and community of top-ranked security instructors, published authors and sought-after industry leaders. We rigorously vet all Infosec Skills training resources to guarantee they meet certification and compliance requirements and align with recognized guidelines like the NICE Cybersecurity Workforce Framework.

LX Labs

SC Media names Infosec Skills Best IT Security Training

See for yourself why Infosec Skills leads the cybersecurity training industry.