Advanced Web Attacks and Exploitation (AWAE) is a self-paced, online course that accelerates your understanding of the art of exploiting front-facing web applications. AWAE condenses the time it takes to learn the tools, techniques, and procedures that adversaries use to chain together vulnerabilities and create advanced exploits.
In addition to a traditional course guide and video-based lectures, each student receives access to a virtual penetration testing lab where techniques learned within the course can be practiced in a safe and legal environment. Upon successful completion of the course and certification exam, you will officially become an Offensive Security Web Expert (OSWE), which demonstrates you have a clear and practical understanding of the web application assessment and hacking process.
Who is this course for?
Advanced Web Attacks and Exploitation is not an entry-level course. It has been designed for:
Experienced penetration testers looking to take their web application testing skills to the next level
Web application developers who need to understand how their code is attacked
Previous familiarity with web proxies, such as Burp Suite and similar tools
Course Overview & Syllabus
AWAE is not a fuzzing course and as such, the bulk of your time will be spent analyzing source code, decompiling Java, debugging DLLs, manipulating requests, and more, using tools like Burp Suite, dnSpy, JD-GUI, Visual Studio, and the trusty text editor. The course covers the following topics in detail; for a more complete breakdown of the course topics, please refer to the AWAE Syllabus.
Persistent Cross-Site Scripting
Bypassing File Extension Filters
PostgreSQL Extension and User Defined Functions
Bypassing REGEX restrictions
Cross-Site Request Forgery
Blind SQL Injection
Bypassing File Upload Restrictions
Bypassing Character Restrictions
PostgreSQL Large Objects
Debugging .NET Assemblies
What competencies will you gain?
Greater confidence in performing advanced web application source code auditing
Improved ability to analyze code, write scripts, and exploit web vulnerabilities
Ability to implement multi-step, chained attacks making use of multiple vulnerabilities
Increased comfort using creative and lateral thinking to achieve expanded view of standard vectors
Ability to think outside of the box in order to determine innovative ways of exploiting web vulnerabilities
Supporting Your Online Journey
6 Hours of Video Series
270+ Page Course Guide
Active Student Forums
Access to Virtual Lab Environment
Once you have completed the course and practiced your skills in our labs, you’re ready to take on the arduous certification exam – a real-world, hands-on penetration test that takes place in our isolated VPN exam network – and become an official Offensive Security Web Expert (OSWE).
Register for AWAE Course at least 10 days before you want to start
Establish Connection to Virtual Lab
Progress through course materials. Practice in labs.
Schedule certification exam within 90 days of completing course
Successfully complete the exam and earn your certification
Pricing and Payment
Advanced Web Attacks and Exploitation + 30 days Lab access + OSWE Exam Certification Fee
Advanced Web Attacks and Exploitation + 60 days Lab access + OSWE Exam Certification Fee
Advanced Web Attacks and Exploitation + 90 days Lab access + OSWE Exam Certification Fee
OSWE Certification Exam Retake Fee
Accepted forms of payment (More options available during checkout)
You can also purchase additional lab access at anytime during your course.
You can purchase a lab extension using your personal purchase link whenever you wish. You will be able to schedule your challenge within 90 days from your lab extension ending date. Please use your unique purchase link in order to make your desired purchase. You will receive your lab account details within a few hours after your payment has been submitted.
The OSWE – A Real World Penetration Testing Certification
Learn how to discover and exploit web application vulnerabilities with Advanced Web Attacks and Exploitation. This pentest training course will teach you advanced attack vectors and lead toward marking you as an Offensive Security Web Expert(OSWE), with proven hands-on experience in the field.