0845 450 6120

Advanced Web Hacking

For IT security professionals, staying up-to-date with the latest vulnerabilities and exploits is a real challenge. Knowing a vulnerability from a high level perspective is not enough. A good security professional must be able to demonstrate the impact of the vulnerability.

To bridge the gap between understanding a vulnerability and to be able to fully exploit it. We have designed a fully hands-on course. During the 3-day course, attendees will be granted access to a state-of-art Hacklab and will be asked to enumerate, assess, exploit and then post exploit vulnerabilities within the Hacklab.

We don't currently have any courses listed for Advanced Web Hacking, would you like to view all courses for Information & Cyber Security?

Learning Objectives

Individuals taking the Advanced Web Hacking course will experience hands-on practical content that is extremely current and taught at the world's top conference stages. The course was written to address the need in the market for high-end training in the field of web platforms; inspired by daily on-site Penetration Testing and training in the community / conferences. The course enable students to practice topics such as exploit chaining, post-exploitation, combining low risk vulnerabilities to obtain high impact outcomes.


The course examines and hacks a wealth of modern vulnerabilities aka (XXE Injection, OOB exploitation, Business logic flaws etc). All labs are virtualised and there are dedicated VMs for each student. The full description is on our website.
Advanced Web Hacking course will familiarise you with a wealth of hacking techniques for common operating systems, networking devices and everything else in between. The CTF is ideal for those preparing for CREST CCT (ACE), CHECK (CTL), TIGER SST and other similar industry certifications and those who perform Penetration Testing on web platforms as a day job and want to take their skills to different level.


Prior hands-on experience of common hacking/enumeration tools such as Sqlmap, burp etc., is recommended for the class. QA Certified Ethical Hacker (CEH) certification is strongly recommended as a pre-requisite to this advanced hacking course.

The Advanced Web Hacking course audience includes:

  • Penetration Testers and Security Researchers.
  • CSIRT & Red Team professionals.
  • Security Operations Centre (SOC) analysts
  • Security/System/Network architects.
  • Information Security Professionals.

Course Content

Introduction to Web Applications

  • Design Flaws
  • Authentication
  • Authorization
  • Session Management
  • Logical Flaws
  • Web Server Misconfiguration
  • Application Server Misconfiguration
  • HTTP Methods
  • SSL and MITM attacks

Cross Site Issues

  • Cross Site Scripting
  • Cross Site Request Forgery
  • Session Fixation
  • Flash and Cross Domain Issues

Server Side Issues

  • SQL Injection
  • LDAP Injection
  • XPATH Injection
  • XXE Injection
  • File Uploads
  • Server Side Includes
  • File Inclusion
  • Direct Object Reference
  • OS Code Execution
One Month
Two Months
Three Months
More than Three Months
PRINCE2 Foundation & Practitioner
MSP Foundation & Practitioner
APMP Certificate
ITIL Foundation
Scrum in One Day
Certified ScrumMaster
ISTQB Software Test Foundation
Microsoft Project
BCS Business Analysis Practice
Other - Please Specify Below

Online Courses

You may prefer an online course if you are looking for a flexible and cost-effective solution. Online courses allow you to study at your own pace, at a time that suits you.

We have the following eLearning options available:

Our Customers Include