Full Stack Web Attack

Full Stack Web Attack is not an entry-level course. It’s designed to push you beyond what you thought was possible and set you on the path to develop your own workflow for offensive zero-day Web research. Many Web application testers and bounty hunters are focused on attacking Web applications via a blackbox approach. However, given today’s Web technology landscape, code is getting more abstracted, frameworks are being added and complexity is on the rise and as such, so are the vulnerabilities. Old techniques are being replaced with new Web attack research which is limited to a handful of world renowned experts.

To tackle this, security experts need to take a white box approach. Blackbox testing is no longer an effective approach, particularly if you want to find critical unauthenticated remote code execution vulnerabilities. In this course, several vulnerabilities will be revealed which would have been impossible to discover or exploit without access to the source code.

Classes are limited. Get registered!

Complex, multi-stacked Web deployments such as cloud Web interfaces or continuous integration applications need more than a blackbox penetration test. Welcome to the course that will teach you to attack the full Web application stack.

Learn the following key skills:

  • Feel comfortable reading code (looking for vulnerabilities) and writing code (developing exploits).
  • Debug complex Web applications using source code debuggers.
  • Attack complex object oriented vulnerability patterns.
  • Chain multiple vulnerabilities to achieve remote code execution.
  • Bypass authentication systems without client side vulnerabilities.
  • Leverage information disclosure for remote code execution.
NEW-2 (1)



In person


3 Days

  • A laptop with: A 64bit Host operating system 16 Gb RAM minimum VMWare Workstation/Fusion 60 Gb Hard disk free minimum Wired and Wireless network support USB 3.0 support

Students must have the following knowledge and skills:

  • Know how to use Burp Suite
  • Possess a basic understanding of common Web attacks
  • Possess a basic understanding of various Web technologies such as HTTP(S), proxies and browsers
  • Perform basic scripting using common languages such as python, PHP and JavaScript

Why choose the Center for Cyber Security Training

Interactive, classroom-based learning

Subject matter experts

Trusted by US government agencies

It was very inspiring to see your strategy, way of thinking and searching through code. That is even more valuable than the vulns themselves. And possibly one of the most challenging trainings, i took, in a good way.

- Anonymous

Classes are limited.

Enroll Now.

Want more information?

Download the Full Stack Web Attacks course outline now.

Related Courses

Our classroom delivers the most in-demand content from the highest profile subject matter experts. Intense and interactive, our courses prepare students with actionable insight and proven strategies.


Corelan ® Exploit Development: Bootcamp and Advanced

Our four-day Bootcamp will teach both basic & advanced techniques from a leading exploit developer. Learn how to write reliable exploits for the Win32 platform, starting with the basics of stack buffer overflows and exploit writing.

NEW-1 (1)

Mastering Web Attacks with Full Stack Exploitation

Modern Web applications are complex and it’s all about full-stack these days. That’s why you need to dive into full-stack exploitation if you want to master Web attacks and maximize your payouts. Say ‘No’ to classical Web application hacking. Join this unique hands-on training and become a full-stack exploitation master.

Looking for a course that's not here? We'd love to hear your suggestions!

Are you fully prepared to deal with today's increasing cyber security risks? We can help you get the training you need.


*We respect your privacy