New Horizons
Project Management Academy
Six Sigma Online
TCM Security
TRACOM
Velopi
Watermark Learning
Login
NEW: LIVE TRAINING CLASSES NOW INCLUDE AN EXAM ATTEMPT READ MORE
Web Penetration Testing Live Training – Class Overview
This hands-on four day live training (9am – 5pm ET) is designed to take you from a beginner to a confident web application pentester with no prior hacking experience required. You’ll gain a solid foundation in how web apps work, learn how to find and exploit common vulnerabilities, and understand the attacker mindset. You will learn by doing through hands-on labs that focus on real-world techniques.
This training dives deep into the world of web apps. You’ll learn about common vulnerabilities and attacks like broken authentication and access controls, SQL injection, server-side request forgery, cross-site scripting, and much more.
By the end of the training, you’ll understand how to put together a methodology for web app penetration testing and be well on your way to earning the Practical Web Pentest Associate (PWPA) certification.
The Web Penetration Testing live training includes exam vouchers for the Practical Web Pentest Associate (PWPA) and Practical Web Pentest Professional (PWPP) certifications. Each exam voucher includes 1 exam attempt and is valid for 12 months from the class completion date.This class is limited to 50 students, so sign up today to reserve your spot.
Course Objectives
By the end of the training, participants will have a thorough understanding of:
- How Web Apps Work
- Server-Side Attacks
- Client-Side Attacks
- Scanning and More Advanced Attacks
System Requirements
- 8GB RAM & 256GB HDD
- Up-to-Date OS & Internet Browser
- Stable Internet connection
Prerequisites
No prior hacking experience is required, only basic computer skills.
Live, Instructor-Led
Web Penetration Testing Live Training
Use PayPal to Buy Now and Pay Later
Details
32+ Hours of Live Online Instruction and CEU Credits
25+ Hours of On-Demand Training (12 Months Access)
1 PWPA Exam Attempt (12 Months Access)
1 PWPP Exam Attempt (12 Months Access)
Online Labs w/ 50 Hours Access Post Training
Private Cohort and Instructor Access
24/7/365 Course Support
Who Should Take The Web Penetration Testing Live Training Class?
This class is designed for IT professionals who want to learn more about web app security and attacks. This training provides a hands-on look into how web apps work and what makes them vulnerable to hackers. By the end of this class, students will be able to develop their own methodology and will be well-prepared to perform a web app penetration test. Individuals looking to enroll should have basic IT skills and knowledge.
The live training is ideal for:
- Aspiring Penetration Testers and Cybersecurity Professionals.
- Web application penetration testers looking to validate their skills.
- People who have a keen interest in web applications and how they can be exploited.
- Individuals looking for extra guidance as they study for the PJPT or PWPA.
- Anyone looking to advance their knowledge, skills, and methodologies.
Why Choose TCM Security Instructor-Led Training?
No Fluff, Practical Focus
You’ll walk away with hands-on knowledge and practical skills that can be immediately applied in real-world scenarios.
Lab Access
After the training ends, you have 50 hours of access to online virtual labs to practice what you learned.
Interactive, Small Group Setting
We limit our class sizes to 50 students to encourage interaction with the instructor and classmates. You’ll have access to a private Discord channel for class communication and networking.
Post-Training Resources
You’ll have 12 months of access to on-demand training materials after the training ends.
Professional Development
TCM Security live trainings are eligible for Continuing Education Unit (CEU) credits.
Prepare for Certification Exams
Intensive live training classes will prepare you for TCM Security Certifications and include a certification voucher related to the training.
Training Options for Organizations
The cybersecurity field is always evolving and learning never stops. TCM’s Live Training options will equip your employees with practical, hands-on skills that they can immediately put to use on the job. We offer bulk discounts for organizations looking to purchase multiple seats in our live training classes. We can also conduct private group session training. Please reach out to us using the form if you are interested in learning more about those options!
“What I learned in just one day of Hacking (and Defending) Active Directory training has given me the edge on how to help my customers better secure their environments.”
Curriculum and Agenda
Prerequisites
Students do not need to have previous hacking experience for this training. Students should have a basic understanding of computers.
Day One
How Web Apps Work
- Introduction
- How Web Apps Work
- Intro to HTTP
- Broken Authentication
- Broken Access Control
- SQL Injection
Day Two
Server-Side Attacks
- SQL Injection (continued)
- Command Injection
- XML External Entity (XXE) Injection
- Directory Traversal
Day Three
Server-Side Attacks and Client-Side Attacks
- File Upload
- Server-Side Request Forgery (SSRF)
- Cross-Site Scripting (XSS)
- Cross-Site Request Forgery (CSRF)
Day Four
Scanning and More Advanced Attacks
- Scanning, Filter Bypasses, WAF Bypasses
- Logic Bugs
- Building a Methodology
- Performing a Web App Pentest
*Curriculum is dependent on class skillset and other varying factors. Curriculum may change at the instructor’s discretion.
Request Live Training Reimbursement
Training doesn’t stop once you land a pentesting position. If your company offers a training budget or reimbursement for continuing education, consider using it on TCM Security live training and certifications! To make things easier, we’ve created a Training Budget Request Template—a customizable document designed to align your learning goals with your company’s objectives. Be sure to follow your company’s policies and procedures to increase the likelihood of your request being approved.
Frequently Asked Questions
What skill level should I have to take the training?
This class is aimed at beginners, meaning that you should have a general background in computers and networking, but extensive security experience is not required to succeed. Completion of any A+/Net+ course or equivalent knowledge is more than enough.
How long is the training session?
The class runs for 8 hours starting at 9am and ending at 5pm ET. This includes lecture, hands-on labs, an hour lunch, and breaks to work on the challenges.
What certification is included?
This training prepares you for the Practical Junior Penetration Tester (PJPT) certification exam. Your purchase includes 12 months of access to the training materials and the exam attempt. Please note that certification vouchers purchased in a live training bundle do NOT include a free retake.
Do you offer any discounts?
Live trainings are not eligible for the student, educator, military, first responder discount because they are already discounted to include the certification voucher. We periodically offer sales and promotions. Join our email list or follow us on social media to be informed when sales begin.
Will my employer reimburse this training?
Maybe! If your organization has a training budget, this class is an excellent way to expand your security knowledge and gain knowledge that will help protect your organization’s data. Use our reimbursement template to help craft your training request to your manager.
Do you offer bulk discounts?
We do. If your organization would like to purchase several seats for your team members to participate in the training, please contact [email protected] for more information.
Do you offer private group sessions?
Yes, we can conduct private group sessions for your organization or team. Contact [email protected] to learn more about our offerings.
