Advanced Web Hacking

Displaying courses for Great Britain [Change]


For IT security professionals, staying up-to-date with the latest vulnerabilities and exploits is a real challenge. Knowing a vulnerability from a high level perspective is not enough. A good security professional must be able to demonstrate the impact of the vulnerability.

To bridge the gap between understanding a vulnerability and to be able to fully exploit it. We have designed a fully hands-on course. During the 3-day course, attendees will be granted access to a state-of-art Hacklab and will be asked to enumerate, assess, exploit and then post exploit vulnerabilities within the Hacklab.


Individuals taking the Advanced Web Hacking course will experience hands-on practical content that is extremely current and taught at the world's top conference stages. The course was written to address the need in the market for high-end training in the field of web platforms; inspired by daily on-site Penetration Testing and training in the community / conferences. The course enable students to practice topics such as exploit chaining, post-exploitation, combining low risk vulnerabilities to obtain high impact outcomes.


The course examines and hacks a wealth of modern vulnerabilities aka (XXE Injection, OOB exploitation, Business logic flaws etc). All labs are virtualised and there are dedicated VMs for each student. The full description is on our website.
Advanced Web Hacking course will familiarise you with a wealth of hacking techniques for common operating systems, networking devices and everything else in between. The CTF is ideal for those preparing for CREST CCT (ACE), CHECK (CTL), TIGER SST and other similar industry certifications and those who perform Penetration Testing on web platforms as a day job and want to take their skills to different level.


Prior hands-on experience of common hacking/enumeration tools such as Sqlmap, burp etc., is recommended for the class. QA Certified Ethical Hacker (CEH) certification is strongly recommended as a pre-requisite to this advanced hacking course.

The Advanced Web Hacking course audience includes:

  • Penetration Testers and Security Researchers.
  • CSIRT & Red Team professionals.
  • Security Operations Centre (SOC) analysts
  • Security/System/Network architects.
  • Information Security Professionals.


Introduction to Web Applications

  • Design Flaws
  • Authentication
  • Authorization
  • Session Management
  • Logical Flaws
  • Web Server Misconfiguration
  • Application Server Misconfiguration
  • HTTP Methods
  • SSL and MITM attacks

Cross Site Issues

  • Cross Site Scripting
  • Cross Site Request Forgery
  • Session Fixation
  • Flash and Cross Domain Issues

Server Side Issues

  • SQL Injection
  • LDAP Injection
  • XPATH Injection
  • XXE Injection
  • File Uploads
  • Server Side Includes
  • File Inclusion
  • Direct Object Reference
  • OS Code Execution

Training provider

Teaching mode: Classroom - Instructor Led
Duration: 4 days
Gooroo has partnered with the global leaders in IT training to give you access to quality training, personalised to you, targeted at increasing your job opportunities and salary.

Our pricing

We do not display pricing as Gooroo members qualify for special discounts not available elsewhere. You must enquire through Gooroo to get this benefit.

New courses are happening all the time

Our partner's expert training consultant will provide you with the times and all the details you need. Enquire today.

Top skills covered in this course

White hat
Great Britain
This skill has an average salary of
and is mentioned in
of job ads in this area.
Lightweight Directory Access Protocol
Great Britain
This skill has an average salary of
and is mentioned in
of job ads in this area.
Virtual machine
Great Britain
This skill has an average salary of
and is mentioned in
of job ads in this area.
Web application
Great Britain
This skill has an average salary of
and is mentioned in
of job ads in this area.