Claranet cyber security

Web hacking training

2 day beginner web hacking training class.

Our beginner-level web hacking training, part of our Hacking Training courses, lets you step into the world of ethical hacking / penetration testing with a focus on web application hacking.

The course is available directly from Claranet Cyber Security or you can book through one of our partners. The course is now available as live, online training and can be delivered for you individually or for your company. Contact us below with your requirements.

Get certified:

Complete the course wherever it suits you and afterwards you can take an optional exam with Check Point and become a Web Hacking Check Point Certified Pen Testing Expert (CCPE).

  • Overview
  • Details
  • Pre-requisites & Audience
  • Brochure Download

This is an entry-level web application security-testing class and is a recommended pre-requisite for our advanced web hacking class. This class familiarizes attendees with the basics of web and application hacking. A number of tools and techniques will be taught during the 2 day class. If you would like to step into the world of ethical hacking / pen testing with a focus on web applications, then this is the right class for you.

Learning objectives

  • Introduction to web application hacking
  • Practical in-focus teaching on how web application security flaws are discovered
  • Covers leading industry standards and approaches
  • Builds the foundation to progress your knowledge and move into more advanced web application topics

This class familiarizes attendees with a wealth of hacking tools and techniques. The class starts from the very basic and gradually builds up to the level where attendees not only use the tools and techniques to hack various components involved in infrastructure hacking, but also walk away with a solid understanding of the concepts on which these tools work.

Day 1

Information Gathering, Profiling and Cross-Site Scripting:

  • Understanding HTTP Protocol
  • Identifying the Attack Surface
  • Username Enumeration
  • Information Disclosure
  • Issues with SSL/TLS
  • Cross-Site Scripting
  • Cross-Site Request Forgery

Day 2

Injection, Flaws, Files and Hacks:

  • SQL Injection
  • XXE Attacks
  • OS Code Injection
  • Local/Remote File Include
  • Cryptographic Weakness
  • Business Logic Flaws
  • Insecure File Uploads

Audience

System Administrators, Web Developers, SOC analysts, Penetration Testers, network engineers, security enthusiasts and anyone who wants to take their skills to the next level.

Student requirements

Students should bring their own laptop with a Windows Operating System installed (either natively or running in a VM). Further, students must have administrative access to perform tasks such as installing software, disabling antivirus etc. Devices that don’t have an Ethernet connection (e.g. MacBook Air, tablets etc.) are not supported.

Book your training

We provide training directly (remote or in person) and also work with a range of training partners in different locations around the globe for classroom or remote training. Please contact us with details of your requirement and we will recommend the best route to access our amazing training.

The course can also be booked directly through our accredited training partners.

Other courses part of our ethical Hacking Training

Lab-based training - written by BlackHat trainers.

Classes are ideal for those preparing for CREST CCT (ICE), CREST CCT (ACE), CHECK (CTL), TIGER SST and other similar industry certifications, as well as those who perform penetration testing on infrastructure / web applications as a day job and wish to add to their existing skill set.