Who this is for: Junior devs, QA, sysadmins, security juniors, career-switchers, and aspiring penetration testers who want practical, employer-ready web-app hacking skills. Basic web concepts (HTTP, HTML, cookies) recommended but not mandatory — bring grit, not ego.
What students will learn:
- Recon & footprinting: intelligent info-gathering and attack surface mapping.
- Vulnerability discovery: automated scan validation plus hands-on manual testing.
- OWASP Top 10 exploitation & mitigation (SQLi, XSS, CSRF, Auth flaws, Broken Access Control, etc.).
- Advanced flows: session management, logic bugs, file upload, SSRF, IDOR.
- Toolchain proficiency: Burp Suite, nmap, Nikto, sqlmap, proxying, and browser devtools — and when not to rely on tools.
- Dynamic analysis & proof-of-concept exploit development.
- Safe lab practices, containment, chain-of-custody mindset, and legal/ethical boundaries.
- Reporting: concise vulnerability write-ups, risk rating, remediation steps, and executive summaries.
Hands-on format: practical labs, CTF-style exercises, real-world case studies, and a final assessment that produces a professional vuln report.
What to bring: laptop (VM-capable), internet, basic terminal comfort. All lab environments, sample apps, and tooling instructions provided.