Advance Penetration Testing – Web Application, 3 Days

Dec 15th, 2010 | By | Category: Training

Web application is a critical point of vulnerabilities in organization nowadays.  Web application holes have resulted theft in many financial sectors for company, organization, enterprises even compromised browsing machines that visited web sites changed by attacker.

Who should attend?
IT and Information Security Professional, such as: Consultant, Auditor, Manager, Engineer and Administrator.


  • This course will open participants’ mind of exploiting web applications to find vulnerabilities in company’s web application.
  • Detail hands-on lab on attacks and defenses will be practiced during the course for web application penetration testing.

Schedule of SecurityFirst Training and Certification Programs (click here)


  • Introduction
  • Attack Mechanism: Technical Attack, Logical Attack.
  • Web Application Penetration Testing: Information Gathering, Business Logic Testing, Configuration Management Testing, Authorization Testing, Data Validation Testing, Denial of Service Testing, Web Services Testing.
  • Assessing Your Own Web Application: Vulnerability Scan, Logical vs Automated Tools, Exploitation, OWASP Top 10 Attack (2010), Injection Attack, Advance SQL Injection, Remote/ Local File Inclusion, OS Injection/ Command Injection, Cross-Site Scripting, Broken Authentication and Session Management, Insecure Direct Object References, Cross-Site Request Forgery (CSRF), Security Misconfiguration, Insecure Cryptographic Storage, Failure to Restrict URL Access, Insufficient Transport Layer Protection, Unvalidated Redirects and Forwards, Redirect Injection

13 – 15 February 2013

SecurityFirst Training Room or Hotel Meeting Room, Jakarta
(Depends on the participants number)

Fee and Payment

Rp. 6,000,000,- / person + 10% VAT, include

  • 3 days training
  • Training Material
  • 2 x Coffe Break 1 x Lunch
  • Certificate of Attendance

Discount 10% for

  • 2 people or more from the same company
  • Early registration: 2 weeks before the class

Payment via transfer to
BCA Cab. Kalimalang
a/c 230 357 7777
a/n PT. IMAN Teknologi Informasi


For more information and registration, please contact:

education[at] or +62 811 91 27001


Click here to access trainee’s testimonies, other XecureIT information security training and certification programs.


We had provided in house training to develop information security competencies inside various organizations, such as: Bank Indonesia, BPMIGAS, Deloitte, Dirjen Pajak, IBM, National Crypto Agency, etc.

Please do not hesitate to contact us to develop a competent information security team inside your organization.

Back to Events

“Use XecureBrowser for more secure Internet banking.”

Tags: ,

Leave Comment