Certified Advanced Application Security Testing - Hands On

An advanced four-day web hacking course designed for penetration testers, security researchers and security professionals who need to learn the art of hacking web applications.


Learning Objectives

This hands-on course helps you gain in-depth knowledge on how to identify security vulnerabilities and subsequently identify the real risk of these vulnerabilities by exploiting them. The course covers the syllabus for the latest CREST Certified Web Application Tester exam.

The training provides attendees with a collection of modern hacking tools required for conducting a complete web application security assessment.


This is an advanced course on application security and all delegates must have completed the CSTP course, or possess equivalent knowledge and have a practical understanding of backend web application technologies. This course is ideally suited to individuals that have been working in an application testing (security assessment/administration) or developer environment for some time.

Course Content

1. Introduction to Web Applications
a. Authentication
b. Authorisation
c. Cookies
d. HTTP protocol
e. Overview of Google hacking

2. Authentication
a. Types of authentication
b. Clear text HTTP protocol
c. Advanced username enumeration/brute force issues
d. Security through obscurity

3. Authorisation
a. Session management issues
b. Weak ACLs
c. Cookie analysis

4. SSL Misconfigurations
a. SSL and man-in-the-middle attacks
b. TLS renegotiation, %00 byte issue
c. MD5 collisions

5. Security Problems with Thick Client Applications
a. Insecure design
b. Echo Mirage, MiTM, replaying traffic etc.

6. Web/Application Server Issues
a. IIS/Apache/OpenSSL exploitation
b. Oracle Application Server exploits (bypass exclusion list etc.)
c. Hacking with Metasploit
d. Insecure HTTP methods
e. WebDAV issues

7. Cross Site Scripting
a. Types of XSS
b. Identifying XSS
c. Exploiting XSS
d. Advanced XSS exploitation with beef and XSS-Shell
e. Secure cookie, HTTP-only

8. Advanced XSS
a. Pitfalls in defending XSS
b. Fixing XSS

9. Cross Site Request Forgery
a. Identifying/exploiting CSRF
b. Complicated CSRF with POST requests
c. CSRF in web services
d. Impact
e. Fixing CSRF

10. Session Fixation
a. Cookie fixation
b. Faulty log-out functionalities

11. CRLF injection
a. Proxy poisoning
b. XSS with CRLF injection

12. Clickjacking

13. SQL Injection
a. Introduction to SQL Injection
b. Impact: Authentication bypass
c. Impact: Extracting data (Blind SQL Injection, UNION tricks, OOB channels)
d. OS Code Execution (MS-SQL, MySQL, Oracle)
e. SQL Injection within stored procedures, parameterized statements
f. Places where you never thought SQLI could occur
g. Pitfalls in defending SQL Injections
h. Fixing SQL Injections

14. Malicious File Uploads
a. File Uploads
b. IIS zero-day
c. Hacking Unprotected Application servers

15. Vulnerable Flash Applications
a. Insecure cross-domain requests
b. Flash XSS

16. Business Logic Bypass
a. Authentication bypass
b. Insecure Coding
c. Other logical flaws

17. OS Code Execution

18. Remote/Local File inclusion
a. File Inclusion
b. OS Code Execution

19. Direct Object Reference

20. Capture The Flag Session

Exams & Certification

Delegates who successfully complete the end-of-course practical exam, which consists of hacking challenges, will be awarded the Certified Application Security Tester (CAST) qualification. It is ideal preparation for the CREST Certified Tester (Application) qualification.
