![](/style/images/good.png)
![](/style/images/bad.png)
WEB-200
source link: https://www.offensive-security.com/web200-oswa/
Go to the source link to view the article. You can view the picture content, updated content and better typesetting reading experience. If the link is broken, please click the button below to view the snapshot at that time.
New subscription options! Learn more
WEB-200
Learn the foundations of web application assessments with OffSec's new course, Web Attacks with Kali Linux (WEB-200)
Now enjoy more flexibility and go at your own pace with a Learn subscription.
About WEB-200 | Buying Options | Course info | Details | Pricing
Web Attacks with Kali Linux
Learn the foundations of web application assessments with Offensive Security’s new course, Web Attacks with Kali Linux (WEB-200), designed for job roles such Web Penetration Testers, Pentesters, and Web Application Developers.
WEB-200 teaches students how to discover and exploit common web vulnerabilities, and how to exfiltrate sensitive data from target web applications. Students will obtain a wide variety of skill sets and competencies for web app assessments.
Students who complete the course and pass the associated exam earn the Offensive Security Web Assessor (OSWA) certification, demonstrating their ability to leverage modern web exploitation techniques on modern applications. A certified OSWA candidate is prepared to take on the Advanced Web Attacks and Exploitation (WEB-300) course.
Topics on Server Side Request Forgery (SSRF) and Command Injection coming soon to WEB-200!
How to buy WEB-200
Learn One
$1999 *
- One course
- 365 days of lab access
- Two exam attempts
- Plus exclusive content
Learn Unlimited
$5499
- All online courses*
- 365 days of lab access
- Unlimited exam attempts
- Plus exclusive content
* Applies to online courses only. AWE (EXP-401) is only taught in live classes.
Course Info
Benefits
Students will learn how to:
- Perform client and server, stored and reflected XSS
- Attack four common database management systems with SQLi
- Exploit six different templating engines often leading to RCE with SSTI
About the exam
- The OSWA exam cannot be scheduled at this time
- The WEB-200 course and online lab prepares you for the OSWA certification
- Proctored
- More details coming soon
Who is the course for?
- Job roles like: Web Penetration Testers, Pentesters, Web Application Developers, Application Security Analysts, Application Security Architects, and SOC Analysts and other blue team members
- Anyone interested in expanding their understanding of Web Application Attacks, and/or Infra Pentesters looking to broaden their skill sets and Web App expertise
Course prerequisites
- All prerequisites for WEB-200 can be found within the Offsec Fundamentals Program, included with a Learn subscription
- Prerequisite Topics include:
- PEN-100: Web Application Basics
- PEN-100: Linux Basics 1 & 2
- PEN-100: Networking Basics
New Training Subscriptions
LEARN ONE and LEARN UNLIMITED
Enjoy flexible learning options with the new Offensive Security Training Library subscriptions – Learn One and Learn Unlimited
Course Details
COURSE OVERVIEW
This course covers the following Topics.
- Tools for the Web Assessor
- Cross Site Scripting (XSS) Introduction and Discovery
- Cross Site Scripting (XSS) Exploitation and Case Study
- Cross Origin Attacks
- Introduction to SQL
- SQL Injection (SQLi) and Case Study
- Directory Traversal
- XML External Entity (XXE) Processing
- Server Side Template Injection (SSTI)
- Server Side Request Forgery (SSRF) – coming soon
- Command Injection – coming soon
- Insecure Direct Object Referencing – coming soon
WHAT COMPETENCIES WILL YOU GAIN?
- Students will obtain a wide variety of skill sets and competencies for Web App Assessments
- Students will learn foundational Black Box enumeration and exploitation techniques
- Students will leverage modern web exploitation techniques on modern applications
Course Pricing
All prices in US dollars. Subscribe to Learn One or contact our training consultants if you're purchasing Learn Unlimited.
Subscription
Learn One:
WEB-200 + 365 days lab access + PEN-100 + KLCP + 2 exam attempts + PG Practice
$1999 *
Learn Unlimited:
All courses + 365 days lab access + PEN-100 + KLCP + unlimited exam attempts + PG Practice
$5499
Are You Ready?
Recommend
About Joyk
Aggregate valuable and interesting links.
Joyk means Joy of geeK