Course Information
What You Will Learn
Course Curriculum
Gain hands-on experience with industry-standard tools used by web application penetration testers
Introduction, Discovery, Exploitation and Case Study Learn how attackers inject malicious code into web pages to hijack user sessions, steal sensitive data, or deface websites
Discover how attackers trick authenticated users in web applications and learn how you can identify and exploit CSRF vulnerabilities
Misconfigurations Understand how to identify and fix CORS misconfigurations to keep your web applications safe
Discover the techniques that attackers use to steal sensitive information related to a web application’s database structure and how to stop them
Exploit vulnerabilities in web applications through SQL injections and learn techniques to prevent and mitigate SQL injection attacks
Learn how to identify and exploit directory traversal vulnerabilities and how you can prevent attackers from accessing restricted areas in your web servers
Learn how attackers user manipulate XML processors to exploit input vulnerabilities, how to secure your XML parsers, and to prevent XXE vulnerabilities in your web applications
Learn how to identify and exploit SSTI vulnerabilities and how you can protect your web applications from server-side template injections
Understand different SSRF attack vectors and how to implement countermeasures against them
Learn how attackers take advantage of command injection vulnerabilities and the potential impact on your system’s integrity. Practice identifying, exploiting, and mitigating command injection vulnerabilities
Learn how to handle object references in a secure manner to prevent attackers from accessing private data or performing unauthorized actions
Combine and expand different web application attack and assessment techniques you’ve learned throughout the course
Get the Full Syllabus as a PDF
Curriculum, exam format & everything included — sent straight to your inbox.
All You Need to Know
The WEB-200 course is ideal for:
- Security professionals seeking to enhance their web application security testing skills
- Those with knowledge of web development technologies and familiarity with Linux systems
While there are no formal prerequisites, it’s strongly recommended that you have a basic understanding of:
- Web development technologies (HTML, CSS, JavaScript)
- Networking Fundamentals
- Linux operating system basics