Course Details

WEB-300: Advanced Web Attacks and Exploitation

Advanced Web Attacks and Exploitation (WEB-300) is an advanced course in web application security, focusing on conducting white box web application penetration tests. Upon successful completion of the course and exam, participants earn the OffSec Web Expert (OSWE) certification, demonstrating expertise in exploiting front-facing web applications. The OSWE is one of three certifications that comprise the OSCE³ certification, along with the OSEP for advanced penetration testing and the OSED for exploit development.

Benefits of this course include:
✔ Learning how to conduct an extensive examination of decompiled web application source code
✔ Learning how to detect logical vulnerabilities that evade detection by many enterprise scanners
✔ Learning how to integrate logical vulnerabilities to construct a proof of concept within a web application
✔ Learning how to exploit vulnerabilities by linking them to execute complex attacks
✔ OSWE Certification

Information about the exam:
✔ Protected
✔ 48-hour exam
✔ The WEB-300 web application security course and online lab prepares you for the OSWE certification

Prerequisites
✔ Comfort reading and writing at least one coding language
✔ Familiarity with Linux
✔ Capability to create simple Python / Perl / PHP / Bash scripts
✔ Experience with web proxies
✔ General understanding of web app attack vectors, theory, and practice