• Classroom
  • Online, Instructor-Led
  • Online, Self-Paced
Course Description

Hackers routinely exploit web applications, especially as more services move to the cloud, despite the fact companies can easily fix most vulnerabilities within web applications before releasing their code to the wild.  The “Web Application Exploitation” course teaches students about the most common web vulnerabilities (OWASP Top 10) in modern web applications, why they often exist, and several methods to test for their existence. Each module has video lecture content introducing exploitation concepts to explain why the vulnerabilities exist, and how hackers exploit them.  Each module also includes an immersive hands-on lab component, in which the student has the chance to exploit each vulnerability, using the vulnerable Mutillidae framework.  Finally, the course encourages students to engage in a dynamic “capstone lab” designed to test the students’ ability to exploit a novel web application leveraging vulnerabilities identified in the OWASP Top 10.

Learning Objectives


Framework Connections

The materials within this course focus on the Knowledge Skills and Abilities (KSAs) identified within the Specialty Areas listed below. Click to view Specialty Area details within the interactive National Cybersecurity Workforce Framework.