OffSec

Offensive Security OSWA Training

WEB-200

Offensive Security OSWA (WEB-200)

WEB-200 teaches students how to discover and exploit common web vulnerabilities, and how to exfiltrate sensitive data from target web applications. Students will obtain a wide variety of skill sets and competencies for web app assessments. Students who complete the course and pass the associated exam earn the Offensive Security Web Assessor (OSWA) certification, demonstrating their ability to leverage modern web exploitation techniques on modern applications. A certified OSWA candidate is prepared to take on the Advanced Web Attacks and Exploitation (WEB-300) course.

Training at a glance

Level

Intermediate

Duration

5 Days

Experience

4 years: Kali Linux

Average Salary

$153,000

Labs

Yes

Level

Intermediate

Duration

5 Days

Experience

4 years: Kali Linux

Average Salary

$153,000

Labs

Yes

Training Details

  • Tools for the Web Assessor
  • Cross Site Scripting (XSS) Introduction and Discovery
  • Cross Site Scripting (XSS) Exploitation and Case Study
  • Cross Origin Attacks
  • Introduction to SQL
  • SQL Injection (SQLi) and Case Study
  • Directory Traversal
  • XML External Entity (XXE) Processing
  • Server Side Template Injection (SSTI)
  • More Topics added monthly*

 

*The OffSec Training Library will be updated continuously with new Topics on an approximately monthly cadence. Not every course or content area will receive an update every month, but some course or content area will receive an update approximately monthly.

  • Module 1: Secrets of Success with WEB200
  • Module 2: Tools
  • Module 3: Cross-Site Scripting Introduction and Discovery
  • Module 4: Cross-Site Scripting Exploitation and Case Study
  • Module 5: Cross-Origin Attacks Same-
    Origin Policy
  • Module 6: SQL Injection
  • Module 7: Directory Traversal Attacks
  • Module 8: XML External Entities
  • Module 9: Server-side Template Injection - Discovery and Exploitation
  • Module 10: Command Injection
  • Module 11: Server-side Request Forgery
  • Module 12: Insecure Direct Object Referencing
  • Module 13: Assembling the Pieces: Web Application Assessment Breakdown
  • Students will obtain a wide variety of skill sets and competencies for Web App Assessments
  • Students will learn foundational Black Box enumeration and exploitation techniques
  • Students will leverage modern web exploitation techniques on modern applications
  • Job roles like: Web Penetration Testers, Pentesters, Web Application Developers, Application Security Analysts, Application Security Architects, and SOC Analysts and other blue team members
  • Anyone interested in expanding their understanding of Web Application Attacks, and/or Infra Pentesters looking to broaden their skill sets and Web App expertise
All students are required to have:
  • All prerequisites for WEB-200 can be found within the Offsec
  • Fundamentals Program, included with a Learn One or
  • Learn Unlimited subscription
  • Prerequisite Topics include:
    • PEN-100: Web Application Basics
    • PEN-100: Linux 1 & 2
    • PEN-100: Networking Basics
  • Course Materials
  • Active Student Forums
  • Access to Home Lab Setup

Also available in On-Demand formats below:


Learn Fundamentals Package – $799

  • 1 year unlimited access to all fundamental content and OffSec curated Learning Paths
  • 365 days of lab access
  • PEN-103 + 1 KLCP exam attempt
  • PEN-210 + 1 OSWP exam attempt
  • Easily upgrade at any time to a Learn One subscription.
  • Learn More 

OR


Learn One Package – $2,599

  • 1 year of access to the course of your choice
  • 2 exam attempts during your subscription
  • 365 days of lab access
  • Access to all 100-level content for 1 year
  • 1 year of unlimited access to all fundamental content and OffSec curated Learning Paths
  • PEN-103 + 1 KLCP exam attempt
  • PEN-210 + 1 OSWP exam attempt
  • Proving Grounds Practice labs
  • Learn More

OR


Learn Unlimited Package – $5,799

  • 1 year of access to unlimited course & content
  • Unlimited exam attempts during your subscription
  • 365 days of lab access
  • 1 year of unlimited access to all fundamental content and OffSec curated Learning Paths
  • Access to all 100-level content for 1 year
  • PEN-103 + unlimited KLCP exam attempts
  • PEN-210 + unlimited OSWP exam attempts
  • Proving Grounds Practice labs
  • 3 downloads of course material
  • Learn More

Upcoming Classes

PROUD OFFSEC PARTNERSHIP

We are proud to be an OffSec Learning, Government, and Channel Partner. We pride
ourselves on providing award winning boot camps and direct mentoring in our classrooms,
Online Live or at your location. The only immersive Authorized Instructor-Led OffSec
training available – join us today!

We Offer More Than Just OffSec Training

Our successful training results keep our corporate and military clients returning.
That’s because we provide everything you need to succeed. This is true for all of our courses.

Strategic Planning & Project Management

From Lean Six Sigma to Project Management Institute Project Management Professional, Agile and SCRUM, we offer the best-in-class strategic planning and project management training available. Work closely with our seasoned multi-decade project managers.

IT & Cybersecurity

ATA is the leading OffSec and Hack the Box US training provider, and a CompTIA and EC-Council award-winning training partner. We offer the best offensive and defensive cyber training to keep your team ahead of the technology skills curve.

Leadership & Management

Let us teach your team the high-level traits and micro-level tools & strategies of effective 21st-century leadership. Empower your team to play to each others’ strengths, inspire others and build a culture that values communication, authenticity, and community.

From Lean Six Sigma to Project Management Institute Project Management Professional, Agile and SCRUM, we offer the best-in-class strategic planning and project management training available. Work closely with our seasoned multi-decade project managers.
ATA is the leading OffSec and Hack the Box US training provider, and a CompTIA and EC-Council award-winning training partner. We offer the best offensive and defensive cyber training to keep your team ahead of the technology skills curve.
Let us teach your team the high-level traits and micro-level tools & strategies of effective 21st-century leadership. Empower your team to play to each others’ strengths, inspire others and build a culture that values communication, authenticity, and community.