
Certified Application Security Testing

This specialist four-day web hacking course is for people in a wide range of application development and testing roles. It is designed to give you an in-depth knowledge of how to identify security vulnerabilities and an understanding of the real risk that these vulnerabilities pose by exploiting them.

How will I benefit?

This course will give you:

  • An industry-recognised qualification, accredited by CREST and the IISP
  • Essential preparation for the CREST Certified Tester (application) exam
  • Security vulnerability identification and avoidance

Who should attend?

People working in an application testing (security assessment/administration) or developer environment, including experienced:

  • Penetration testers
  • Application developers
  • Security professionals


Learning Objectives

An advanced web hacking course designed for experienced penetration testers, developers and security professionals who need to extend their knowledge of hacking web applications.

The course covers the syllabus for the latest CREST Certified Web Application Tester (CCT App) exam. You will therefore be expected to demonstrate that you are able to find a range of security flaws and vulnerabilities, including proving the ability to exploit and leverage those flaws to ascertain the impact of the issues found.

  • You will be led through a range of state-of-the-art hacking tools and techniques to allow you to conduct a complete web application security assessment.
  • Once able to identify and exploit vulnerabilities, you will learn a range of defensive countermeasures, allowing you to develop applications that are more resistant to attack and provide better protection for data assets.

Certified Application Security Testing (CAST) is an advanced application security training course, and it is highly recommended that you have completed the 'Certified Security Testing Professional' course or already possess equivalent knowledge.

It is important that you have knowledge of networking and practical experience of modern web application technologies (e.g. HTML, JavaScript, PHP, ASP, MSSQL, MySQL). Hands-on experience of modern hacking trends, tools and technologies would also be an advantage.

Course Content

1. Introduction to web applications

a. HTTP protocol

b. Authentication

c. Authorisation

d. Cookies

2. Authentication

a. Types of authentication

b. Clear text HTTP protocol

c. Advanced username enumeration/brute force issues

d. Security through obscurity

3. Authorisation

a. Session management issues

b. Weak ACLs

c. Cookie analysis

4. SSL misconfigurations

a. Attacks on SSL

b. TLS renegotiation

c. MD5 collisions

5. Security problems with thick client applications

a. Insecure design

b. Echo Mirage, MitM, replaying traffic, etc.

6. Web/application server issues

a. IIS/Apache/OpenSSL exploitation

b. Oracle application server exploits (bypass exclusion list, etc.)

c. Insecure HTTP methods

d. WebDAV issues

7. Cross-site scripting

a. Types of XSS

b. Identifying XSS

c. Exploiting XSS

d. Secure cookie, HTTP-only

8. Advanced XSS

a. Advanced XSS exploitation

b. Pitfalls in defending XSS

c. Fixing XSS

9. Cross-site request forgery

a. Identifying/exploiting CSRF

b. Complicated CSRF with POST requests

c. CSRF in web services

d. Impact

e. Fixing CSRF

10. Session fixation

a. Cookie fixation

b. Faulty log-out functionalities

11. CRLF injection

a. Proxy poisoning

b. XSS with CRLF injection

12. Clickjacking

a. Impact of clickjacking and proof of concept

13. SQL injection

a. Introduction to SQL injection

b. Impact: Authentication bypass

c. Impact: Extracting data (Blind SQL Injection, UNION injection, OOB channels)

d. OS code execution (MS-SQL, MySQL)

e. SQL injection within stored procedures, parameterised statements

f. Places where you never thought SQLI could occur

g. Pitfalls in defending SQL injections

h. Fixing SQL Injections

14. Malicious file uploads

a. File uploads

b. IIS zero-day

c. Hacking unprotected application servers

15. Vulnerable flash applications

16. Business logic bypass

a. Authentication bypass

b. Insecure coding

c. Other logical flaws

17. OS code execution

18. Remote/local file inclusion

a. File inclusion

b. OS code execution

19. Direct object reference

Exams & Certification

What qualification will I receive?

Upon successful completion of the exam, you will be awarded the Certified Application Security Tester (CAST) qualification.
