Certificate In Web Application Penetration Testing

Current Status
Not Enrolled
Get Started
This course is currently closed

Certificate in Web Application Penetration Testing


The Certificate in Web Application Penetration Testing online course is designed according to a special didactic concept, which helps students to learn the theoretical and practical content through independent study. This online course is a very practical and hands-on approach to learning the OWASP’s top 10 attack and security vulnerabilities. Throughout this online course, students will learn how to exploit the vulnerabilities found in web applications following the OWASP Testing Guide framework, starting from the basics of setting up the environment to the actual discovery and exploitation of the vulnerabilities.

In the Certificate in Web Application Penetration Testing online course, students will learn how to exploit the vulnerabilities found in web applications and servers by following the framework of OWASP’s Top 10 Testing Guide, used by organizations around the world to perform web application penetration testing. This online course is designed to teach the details of web application penetration testing in an immersive environment. The online course is structured around OWASP’s Top 10 vulnerabilities, from A1 to A10, where each module includes a description and example of an attack.

The online course is an ideal opportunity for those who want to improve their skills by performing in-depth penetration tests on web applications.

Learning Objectives:

Upon the successful completion of the online course, the student will become familiar with:

  • Set Up the Environment to conduct web penetration testing on the OWASP Mutillidae II
  • Learn how to exploit Injection vulnerabilities to extract data, bypass authentication, etc.
  • Learn how to implement authentication and session management functions
  • Understand the importance of properly securing sensitive data
  • Learn about XXE, its risks, and the impact of an XXE attack
  • Learn the importance of properly implementing access control
  • Learn how to properly implement all the security controls for server or web application
  • Learn about XSS and how to exploit the reflected, stored, and DOM XSS
  • Learn what causes Insecure Deserialization, its impact, and prevention measures
  • Understand the importance of Logging and Monitoring on the web application

Course Modules & Duration:

The Certificate in Web Application Penetration Testing online course is equivalent to 96 hours to complete – including the Final Quiz.

Module 1: Setup the Environment6 hours
Module 2: A1 – Injection8 hours
Module 3: A2 – Broken Authentication12 hours
Module 4: A3 – Sensitive Data Exposure9 hours
Module 5: A4 – XML External Entities (XXE)1 hour
Module 6: A5 – Broken Access Control9 hours
Module 7: A6 – Security Misconfiguration21 hours
Module 8: A7 – Cross Site Scripting (XSS)24 hours
Module 9: A8 – Insecure Deserialization2 hours
Module 10: A9 – Using Components with Known Vulnerabilities1 hour
Module 11: A10 – Insufficient Logging and Monitoring1 hour
Final Quiz: A quiz that consists of 26 questions (Passing score 60%)2 hours


As soon as you finish the online course, you can download your Certificate of Achievement. This will also be accessible in your account any time you log in. Your Certificate of Achievement includes the online course you have studied, your name, the date of completion, and a verification number that can be used by future employers to verify that you passed your course.

Navigation Guide:

The Certificate in Web Application Penetration Testing online course is divided into manageable modules and topics. Go through these modules at your own pace and learn about each of the topics in the online course. We use images, written information, diagrams, and other resources to help you get to know the content without any problems. This online course is designed to progress without any assistance, but our support staff can be contacted if you need us.

Follow this link to download the: Navigation Guide for Web Application Penetration Testing online course. If you have any further question or require further support, please do not hesitate to contact us at operations@cunitech.ca

“If you spend more on coffee than on IT security, you will be hacked. What’s more, you deserve to be hacked.”

Richard Clarke