Course Catalog
WEB-300 - Advanced Web Attacks and Exploitation (AWAE/OSWE)
Code: WEB-300
Duration: 5 Days
$8495 USD

OVERVIEW

OffSec’s Advanced Web Attacks and Exploitation (WEB-300) 5-day course dives deep into the latest web application penetration testing methodologies and techniques. Learners gain extensive hands-on experience in an environment designed to elevate their skills in ethical hacking, vulnerability discovery, and exploit development.

Successful completion of the course and challenging exam earns the OffSec Web Expert (OSWE) certification. This web application security certification validates expertise in advanced web application security testing, including bypassing defenses and crafting custom exploits to address critical vulnerabilities, making certified professionals an asset for securing any organization against web-based threats.

DELIVERY FORMAT

This course is available in the following formats:

Virtual Classroom

Duration: 5 Days

CLASS SCHEDULE

Delivery Format: Virtual Classroom
Date: Oct 05 2026 - Oct 09 2026 | 09:00 - 17:00 EDT
Location: Online
Course Length: 5 Days

$ 8495

Delivery Format: Virtual Classroom
Date: Aug 03 2026 - Aug 07 2026 | 09:00 - 17:00 EDT
Location: Online
Course Length: 5 Days

$ 8495

GOALS

Upon completing WEB-300 and successfully passing the OSWE exam, you’ll have mastered advanced web application security methodologies, including:

  • In-depth vulnerability analysis and exploitation
  • Custom exploit development
  • Bypassing modern web application defenses
  • Exploiting authentication and authorization flaws
  • Attacking API endpoints and cloud-native applications

OUTLINE

Introduction

  • About the AWAE Course
  • Our Approach
  • Obtaining Support
  • Offensive Security AWAE Labs
  • Reporting
  • Backups
  • About the OSWE Exam

Tools & Methodologies

  • Web Traffic Inspection
  • Interacting with Web Listeners using Python
  • Source Code Recovery
  • Source Code Analysis Methodology
  • Debugging

ATutor Authentication Bypass and RCE

  • Initial Vulnerability Discovery
  • A Brief Review of Blind SQL Injections
  • Digging Deeper
  • Data Exfiltration
  • Subverting the ATutor Authentication
  • Authentication Gone Bad
  • Bypassing File Upload Restrictions
  • Gaining Remote Code Execution

ATutor LMS Type Juggling Vulnerability

  • PHP Loose and Strict Comparisons
  • PHP String Conversion to Number
  • Vulnerability Discovery
  • Attacking the Loose Comparison

ManageEngine Applications Manager AMUserResourcesSyncServlet SQL Injection RCE

  • Vulnerability Discovery
  • How Houdini Escapes
  • Blind Bats
  • Accessing the File System
  • PostgreSQL Extensions
  • UDF Reverse Shell
  • More Shells!!!

Bassmaster NodeJS Arbitrary JavaScript Injection Vulnerability

  • The Bassmaster Plugin
  • Vulnerability Discovery
  • Triggering the Vulnerability
  • Obtaining a Reverse Shell

DotNetNuke Cookie Deserialization RCE

  • Serialization Basics
  • DotNetNuke Vulnerability Analysis
  • Payload Options
  • Putting It All Together

ERPNext Authentication Bypass and Server-Side Template Injection

  • Introduction to MVC, Metadata-Driven Architecture, and HTTP Routing
  • Authentication Bypass Discovery
  • Authentication Bypass Exploitation
  • SSTI Vulnerability Discovery
  • SSTI Vulnerability Exploitation

openCRX Authentication Bypass and Remote Code Execution

  • Password Reset Vulnerability Discovery
  • XML External Entity Vulnerability Discovery
  • Remote Code Execution

openITCOCKPIT XSS and OS Command Injection – Blackbox

  • Black Box Testing in openITCOCKPIT
  • Application Discovery
  • Intro To DOM-based XSS
  • XSS Hunting
  • Advanced XSS Exploitation
  • RCE Hunting

Concord Authentication Bypass to RCE

  • Authentication Bypass: Round One - CSRF and CORS
  • Authentication Bypass: Round Two - Insecure Defaults

Server-Side Request Forgery

  • Introduction to Microservices
  • API Discovery via Verb Tampering
  • Introduction to Server-Side Request Forgery
  • Render API Auth Bypass
  • Exploiting Headless Chrome
  • Remote Code Execution

Guacamole Lite Prototype Pollution

  • Introduction to JavaScript Prototype
  • Prototype Pollution Exploitation
  • EJS Handlebars

Conclusion

  • The Journey So Far

LABS

The Labs

  • Exercises and Extra Miles
  • The Road Goes Ever On

WHO SHOULD ATTEND

The WEB-300 course is ideal for experienced penetration testers and security professionals seeking to master advanced web application attacks and exploitation techniques, ultimately earning the OSWE certification.

PREREQUISITES

While there are no formal certification prerequisites, it’s strongly recommended that you have:

  • Comfort reading and writing at least one coding language
  • Familiarity with Linux
  • Ability to write simple Python / Perl / PHP / Bash scripts
  • Experience with web proxies
  • General understanding of web app attack vectors, theory, and practice