-
This web hacking course provides an in-depth understanding of typical attacks on web applications and shows where protective measures can be applied in practice. The OWASP Top 10 serves as the framework for classifying real vulnerabilities and for better understanding how attackers approach a target.
The course is divided into three phases: information gathering, attack execution and technical analysis. You will work with tools such as Burp Suite or SQLMap, investigate SQL, XML and command injections, analyze session and authentication mechanisms and examine client-side attacks such as XSS or clickjacking. You will learn to identify typical points of attack and classify attack patterns with confidence.
-
Course Contents
-
- Motivation and approach to web attacks
- Vulnerability classification according to OWASP Top 10
- Reconnaissance and information gathering
- Uncovering DNS, subdomains, and metadata
- Fingerprinting and error analysis on the web
- Attacks on authentication and sessions
- Session hijacking and token manipulation
- Password attacks and credential reuse
- Injection attacks: SQL, OS, XML, API
- Recognizing cross-site scripting variants
- Client-side attacks and UI manipulation
- Local and remote file inclusion
- Bypassing access controls
- Protective mechanisms in the application context
- Analyzing and classifying security vulnerabilities
The detailed digital documentation package, consisting of an e-book and PDF, is included in the price of the course.
Premium Course Documents
In addition to the digital documentation package, the exclusive Premium Print Package is also available to you.
- High-quality color prints of the ExperTeach documentation
- Exclusive folder in an elegant design
- Document pouch in backpack shape
- Elegant LAMY ballpoint pen
- Practical notepad
The Premium Print Package can be added during the ordering process for € 150,- plus VAT (only for classroom participation).
-
Target Group
-
The course is aimed at people with basic knowledge of hacking as well as web developers who want to get straight into the topic of web security. The aim is to detect attacks at an early stage and secure web applications in a targeted manner.
-
Knowledge Prerequisites
-
A basic understanding of security and hacking is advantageous for this course; it can be acquired through the courses Hacking I - Understanding network attacks and Hacking II - Attacks on end devices and applications.
-
Classroom training
- Do you prefer the classic training method? A course in one of our Training Centers, with a competent trainer and the direct exchange between all course participants? Then you should book one of our classroom training dates!
-
Hybrid training
- Hybrid training means that online participants can additionally attend a classroom course. The dynamics of a real seminar are maintained, and the online participants benefit from them. Online participants of a hybrid course use a collaboration platform, such as WebEx Training Center or Saba Meeting. This requires a PC with a browser and Internet access, as well as a headset and ideally a webcam. In the seminar room, we use specially developed and customized audio and video technologies. This ensures that communication between everyone involved is convenient and fault-free.
-
Online training
- Would you like to attend a course in online mode? We offer online course dates for this course topic. To attend these seminars, you need a PC with Internet access (minimum data rate 1 Mbps), a headset when working via VoIP and optionally a camera. For further information and technical recommendations, please refer to.
-
Tailor-made courses
-
Do you need a special course for your team? In addition to our standard offering, we can help you create customized courses that precisely meet your individual requirements. We will be glad to advise you and prepare an individual offer.
