Hands-On Web Application Penetration Testing Training Course

Hands-On Web Application Penetration Testing Training Course

This training course is a series of educational interactive training sessions where the attendees will gain hands-on experience. They will be able to identify security flaws in web applications customized or built for the training course. They will also be able to exploit those security flaws to fully understand the value of fixing those flaws.

gchq_-_certified_trainingTranchulas Hands-On Web Application Penetration Testing Training Course is accredited under the GCHQ Certified Training (GCT) scheme. The course material has been rigorously assessed against the exacting standards of GCHQ. The quality of the trainers’ delivery and the course administration has been quality checked and approved by APMG.


  • Basic knowledge of HTML and JavaScript
  • Participants must bring their own laptops

CWASP Certification


This course leads to Tranchulas Certified Web Application Security Professional (CWASP) certification. Tranchulas CWASP is accredited by Institute of Information Security Professionals (IISP), UK. Certified Web Application Security Professional (CWASP) is an exclusive certification which will test your technical skills on a live but simulated web application where you are expected to discover and exploit security vulnerabilities. Students are required to pass our online lab test in order to receive CWASP certification.

Tranchulas Online Labs

Tranchulas Online Labs are available 24×7 for practising web attacks learnt during the training course. Online labs have several web applications based on real-world scenarios which can be exploited and have different difficulty levels. Vulnerabilities include but are not limited to XSS, SQL Injection, CSRF, cookie manipulation, local file inclusion. Students are required to discover and exploit vulnerabilities in order to pass online labs and receive Tranchulas Certified Web Application Security Professional (CWASP) Certification.


Post Training Support

You can connect with Tranchulas Online labs for 90 days to practice your hacking kung-fu after the training course. During this time our technical team will provide you email/phone/skype support in order to ensure the skills acquired on the training course are being applied correctly.

About the Trainer

Tranchulas training and workshops are conducted by the world’s top information security experts. Our instructors are featured speakers at renowned security conferences such as Hack in the Box Malaysia, InfoSek Slovenia, Hack.lu Luxembourg, CONFidence Krakow, Troopers, Shakacon, OWASP Europe and BruCON Belgium.

Training Schedule

Date Venue Location  
Radisson Blu Hotel London, UK Sold Out
Tranchulas Office San Francisco, US Sold Out