OWASP-YN: Web Hacking and Defense Course with OWASP Top 10 Vulnerabilities
2 Days per class
Remarks
Fully claimable under HRDC
Up to 25 pax per class
On-site delivery at your company’s location (travel and accommodation charges apply for locations outside Klang Valley)
The fees stated are for 3 classes
Promo fee is billed upfront during the first class, whether with HRDC grant or not

RM 18,900
Fees for 3 sessions
RM 6,300/class ONLY
Web Hacking and Defense Course with OWASP Top 10 Vulnerabilities is a 2-day intensive training that empowers developers, testers, and security professionals with practical offensive and defensive web security skills.
Participants will explore real-world exploits for the most critical web vulnerabilities outlined by OWASP Top 10 (2021/2023 editions), including:
SQL Injection
Cross-Site Scripting (XSS)
Cross-Site Request Forgery (CSRF)
Broken Authentication
Broken Access Control
Through live demonstrations and hands-on exercises, learners will:
Perform injection attacks to extract or manipulate data
Steal cookies and hijack sessions via XSS attacks
Exploit CSRF flaws to perform unauthorized transactions
Analyze authentication weaknesses and conduct brute-force attacks
Secure web applications using input validation, parameterized queries, and session hardening
Day 1 focuses on:
Understanding web application attack surfaces
Performing offensive techniques against vulnerable applications using DVWA and OWASP Juice Shop
Day 2 shifts to defense:
Implementing secure coding practices
Deploying Web Application Firewalls (WAFs) and bypass techniques
Secure authentication and session management
Performing security testing using tools like Burp Suite and OWASP ZAP
The training concludes with a Capture The Flag (CTF) challenge where participants apply their skills to find and exploit vulnerabilities in a simulated environment.
By the end of this course, participants will:
Understand web vulnerabilities and how attackers exploit them
Secure web applications against real-world threats
Conduct vulnerability assessments and basic penetration tests
Build stronger, safer web apps following OWASP best practices
Ideal for developers, QA engineers, IT security professionals, and anyone seeking real-world web security experience.
Get in touch with us
Fill in your details, and we’ll provide you with a customized quotation, detailed trainer profiles, and a comprehensive course outline.