OffSec

Offensive Security OSWA Training

WEB-200

Offensive Security OSWA (WEB-200)

WEB-200 teaches students how to discover and exploit common web vulnerabilities, and how to exfiltrate sensitive data from target web applications. Students will obtain a wide variety of skill sets and competencies for web app assessments. Students who complete the course and pass the associated exam earn the Offensive Security Web Assessor (OSWA) certification, demonstrating their ability to leverage modern web exploitation techniques on modern applications. A certified OSWA candidate is prepared to take on the Advanced Web Attacks and Exploitation (WEB-300) course.

Training at a glance

Level

Intermediate

Duration

5 Days

Experience

4 years: Kali Linux

Average Salary

$153,000

Labs

Yes

Level

Intermediate

Duration

5 Days

Experience

4 years: Kali Linux

Average Salary

$153,000

Labs

Yes

Training Details

Course Overview

Tools for the Web Assessor
Cross Site Scripting (XSS) Introduction and Discovery
Cross Site Scripting (XSS) Exploitation and Case Study
Cross Origin Attacks
Introduction to SQL
SQL Injection (SQLi) and Case Study
Directory Traversal
XML External Entity (XXE) Processing
Server Side Template Injection (SSTI)
More Topics added monthly*

*The OffSec Training Library will be updated continuously with new Topics on an approximately monthly cadence. Not every course or content area will receive an update every month, but some course or content area will receive an update approximately monthly.

Course Outline

Module 1: Secrets of Success with WEB200
Module 2: Tools
Module 3: Cross-Site Scripting Introduction and Discovery
Module 4: Cross-Site Scripting Exploitation and Case Study
Module 5: Cross-Origin Attacks Same-
Origin Policy
Module 6: SQL Injection
Module 7: Directory Traversal Attacks
Module 8: XML External Entities
Module 9: Server-side Template Injection - Discovery and Exploitation
Module 10: Command Injection
Module 11: Server-side Request Forgery
Module 12: Insecure Direct Object Referencing
Module 13: Assembling the Pieces: Web Application Assessment Breakdown

Intended Audience

Students will obtain a wide variety of skill sets and competencies for Web App Assessments
Students will learn foundational Black Box enumeration and exploitation techniques
Students will leverage modern web exploitation techniques on modern applications
Job roles like: Web Penetration Testers, Pentesters, Web Application Developers, Application Security Analysts, Application Security Architects, and SOC Analysts and other blue team members
Anyone interested in expanding their understanding of Web Application Attacks, and/or Infra Pentesters looking to broaden their skill sets and Web App expertise

Prerequisites

All students are required to have:

All prerequisites for WEB-200 can be found within the Offsec
Fundamentals Program, included with a Learn One or
Learn Unlimited subscription
Prerequisite Topics include:
- PEN-100: Web Application Basics
- PEN-100: Linux 1 & 2
- PEN-100: Networking Basics

Features

Course Materials
Active Student Forums
Access to Home Lab Setup

Also available in On-Demand formats below:

Learn Fundamentals Package – $799

1 year unlimited access to all fundamental content and OffSec curated Learning Paths
365 days of lab access
PEN-103 + 1 KLCP exam attempt
PEN-210 + 1 OSWP exam attempt
Easily upgrade at any time to a Learn One subscription.
Learn More

Learn One Package – $2,599

1 year of access to the course of your choice
2 exam attempts during your subscription
365 days of lab access
Access to all 100-level content for 1 year
1 year of unlimited access to all fundamental content and OffSec curated Learning Paths
PEN-103 + 1 KLCP exam attempt
PEN-210 + 1 OSWP exam attempt
Proving Grounds Practice labs
Learn More

Learn Unlimited Package – $5,799

1 year of access to unlimited course & content
Unlimited exam attempts during your subscription
365 days of lab access
1 year of unlimited access to all fundamental content and OffSec curated Learning Paths
Access to all 100-level content for 1 year
PEN-103 + unlimited KLCP exam attempts
PEN-210 + unlimited OSWP exam attempts
Proving Grounds Practice labs
3 downloads of course material
Learn More

Follow-On Courses

Advanced Web Attacks and Exploitation (WEB-300)

Upcoming Classes

PROUD OFFSEC PARTNERSHIP

We are proud to be an OffSec Learning, Government, and Channel Partner. We pride

ourselves on providing award winning boot camps and direct mentoring in our classrooms,

Online Live or at your location. The only immersive Authorized Instructor-Led OffSec

training available – join us today!

Black Hat USA Delivery Partner

Learn more about our Authorized OffSec training courses at
BLACK HAT USA 2024!

We Offer More Than Just OffSec Training

Our successful training results keep our corporate and military clients returning.
That’s because we provide everything you need to succeed. This is true for all of our courses.

Strategic Planning & Project Management

From Lean Six Sigma to Project Management Institute Project Management Professional, Agile and SCRUM, we offer the best-in-class strategic planning and project management training available. Work closely with our seasoned multi-decade project managers.

IT & Cybersecurity

ATA is the leading OffSec and Hack the Box US training provider, and a CompTIA and EC-Council award-winning training partner. We offer the best offensive and defensive cyber training to keep your team ahead of the technology skills curve.

Leadership & Management

Let us teach your team the high-level traits and micro-level tools & strategies of effective 21st-century leadership. Empower your team to play to each others’ strengths, inspire others and build a culture that values communication, authenticity, and community.

Strategic Planning & Project Management

IT & Cybersecurity

Leadership & Management

Jessica B

2024-05-13

Excellent professional team and the class was great. The instructor, J Chaney, really did a great job explaining the concepts and keeping the class engaging. I credit ATA with helping me pass the exam on the first try.

MDP

2024-05-10

Great classes for IT advancement with outstanding instructors. The staff are also awesome with aiding in enrollment and solving any issues.

Tony L

2024-04-22

ATA is a good way to take an IT course as the instructors are very knowledgeable and present topics in a way that is easy to understand. The staff is also great. In my experience they have responded and resolved any questions or issues I had in a timely manner. I would recommend ATA to anyone that is looking to get IT certifications as I have used them for CompTIA Net+ and Sec +.

AlAmin Smith (Swizzkillz)

2024-04-09

I've taken so many boot camps through them. They always deliver with the content and customer service. If I have questions, I get answers. If there is a class I have an interest in, they look into getting it added. I just completed another course and it well as usual. ATA is one of the best resources I have available to me to complete my goals in the cyber field.

chriscaliforniaa

2024-04-09

Big Thanks to Applied Technology Academy! Last year, I made a big decision to make a career change! Before, I didn’t have a roadmap. I did my research and found ATA. Since I want to pursue in Cybersecurity, I went to their Sec+ bootcamp last year to learn so much material and I would say that they’re the best! Great staff and military friendly! Thank you guys so much and shout out to Mr. J. Chaney! Definitely the best to ever do it! Great instructor! Now i am Sec+ certified!

Stephon Shaffer

2024-02-29

I've been working with ATA for awhile since I began going down the path of IT. I was able to attain Security+, Certified Ethical Hacker, and the CCNA cert through them. I want to give big shout out to Laura Campbell!! She has been amazing as far as making sure documentation is prepared, sending out upcoming classes way in advance, and executing things quick. She provides valuable resource and goes out of her way to get things done. I was going for the Fortinet NSE 4 cert, which is not a common curriculum provide on the itinerary, but she went and made it happen and ensured that it would be covered. I couldn't take the course due to other reasons, but the fact that she was able to make it happen truly solidified my heart with ATA. Thank you Laura and thank you ATA!! I look forward to enrolling into the CCNP course with you all very soon.

Nicole Watson

2023-05-17

This school is hands down the BEST IT school I have attended for SEC+. I have attended SEC+ twice at Fort Gordon and the information that is taught there was so outdated. I appreciate Applied Technology Academy so much! I actually enjoyed the instruction, it was not hard to follow, and the instructor, Mr. Chaney, was extremely knowledgeable. He was able to communicate to the lowest level from Beginner to advanced. Our class had 100% pass rate of who took the exam after the course was over. After the exam I was able to contact the instructor and Ms. Liz Pernaselci for more information. I was provided with the audio from the course to go over in the event I needed to brush up. We are also allowed to log in to any SEC+ Course afterwards without paying an additional fee. I really appreciate this school and will be attending more courses in the future!

Hey there Dontworryboutit

2023-01-13

I had 0 computer knowledge or background going into the Security + class. J made it understandable and easily digestible. The classes were thorough and the study material was exactly what was needed to help prepare for the test. Cannot recommend this enough for people trying to get into the security field.

Henoc Placide

2022-10-17

Security + course was very well taught and easily digested. Course material provided definitely prepared for course exam.

Training Categories

Training Сourses

1. Talk To An Expert

2. Select Your Date

3. Elevate Your Career

Recent Stories

Cloud Computing

Data Analyst

Data Scientist

Defensive Security

Machine Learning Engineer