top of page

OWASP-YN: Web Hacking and Defense Course with OWASP Top 10 Vulnerabilities

2 Days per class

Remarks

  • Fully claimable under HRDC

  • Up to 25 pax per class

  • On-site delivery at your company’s location (travel and accommodation charges apply for locations outside Klang Valley)

  • The fees stated are for 3 classes

  • Promo fee is billed upfront during the first class, whether with HRDC grant or not

OWASP-YN: Web Hacking and Defense Course with OWASP Top 10 Vulnerabilities

RM 18,900

Fees for 3 sessions

RM 6,300/class ONLY

Web Hacking and Defense Course with OWASP Top 10 Vulnerabilities is a 2-day intensive training that empowers developers, testers, and security professionals with practical offensive and defensive web security skills.


Participants will explore real-world exploits for the most critical web vulnerabilities outlined by OWASP Top 10 (2021/2023 editions), including:

  • SQL Injection

  • Cross-Site Scripting (XSS)

  • Cross-Site Request Forgery (CSRF)

  • Broken Authentication

  • Broken Access Control


Through live demonstrations and hands-on exercises, learners will:

  • Perform injection attacks to extract or manipulate data

  • Steal cookies and hijack sessions via XSS attacks

  • Exploit CSRF flaws to perform unauthorized transactions

  • Analyze authentication weaknesses and conduct brute-force attacks

  • Secure web applications using input validation, parameterized queries, and session hardening


Day 1 focuses on:

  • Understanding web application attack surfaces

  • Performing offensive techniques against vulnerable applications using DVWA and OWASP Juice Shop


Day 2 shifts to defense:

  • Implementing secure coding practices

  • Deploying Web Application Firewalls (WAFs) and bypass techniques

  • Secure authentication and session management

  • Performing security testing using tools like Burp Suite and OWASP ZAP


The training concludes with a Capture The Flag (CTF) challenge where participants apply their skills to find and exploit vulnerabilities in a simulated environment.


By the end of this course, participants will:

  • Understand web vulnerabilities and how attackers exploit them

  • Secure web applications against real-world threats

  • Conduct vulnerability assessments and basic penetration tests

  • Build stronger, safer web apps following OWASP best practices


Ideal for developers, QA engineers, IT security professionals, and anyone seeking real-world web security experience.

Check Out Triple Treat.jpg

Check out the rest of Triple Treat courses

Get in touch with us

Fill in your details, and we’ll provide you with a customized quotation, detailed trainer profiles, and a comprehensive course outline. 

Successfully submitted. We will contact you soon.

bottom of page