Back to All Trainings

Hacking Modern Web Apps

Master the Future of Attack Vectors

Instructor: Abraham Aranguren
Date: September 12, 2025
Duration: 8 Hours (9:00 AM - 6:00 PM)
Level: Intermediate
Hacking Modern Web Apps

About This Training

This course is the culmination of years of experience gained via practical penetration testing of Modern Web applications as well as countless hours spent doing research. We have structured this course around the OWASP Security Testing Guide, it covers the OWASP Top Ten and specific attack vectors against Modern Web apps. This course provides participants with actionable skills that can be applied immediately from day 1.

Please note our courses are 100% hands-on, we do not lecture students with boring bullet points and theories, instead we give you practical challenges and help you solve them, teaching you how to troubleshoot common issues and get the most out of this training. Training then continues after the course through our frequently updated training portal, for which you keep lifetime access, as well as unlimited email support.

Each section starts with a brief introduction to the Modern platform (i.e. Node.js) for that section and then continues with a look at static analysis, moves on to dynamic checks finishing off with a nice CTF session to test the skills gained.

Training Format

Lectures

10% of the training

Hands-on Labs

90% of the training

Prerequisite of Training Class

Hardware & Software: Attendees should bring

A laptop with the following specifications:

  • Ability to connect to wireless and wired networks.
  • Ability to read PDF files
  • Administrative rights: USB allowed, the ability to deactivate AV, firewall, install tools, etc
  • Knowledge of the BIOS password, in case VT is disabled.
  • Minimum 8GB of RAM (recommended: 16GB+)
  • 60GB+ of free disk space (to copy a lab VM and other goodies)
  • VirtualBox 6.0 or greater, including the "VirtualBox Extension Pack"

Student / Prerequisites for attendees

This course has no prerequisites as it is designed to accommodate students with different skills:

  • Advanced students will enjoy comprehensive labs, extra miles and CTF challenges
  • Less experienced students complete what they can during the class, and can continue at their own pace from home using the training portal.

90%+ hands-on, 10% lecture. The course is mostly hands-on: The trainers introduce some concepts before each lab and then help the students overcome the challenges they face.

This course has no prerequisites as it is designed to accommodate students with different skills:

  • Advanced students will enjoy comprehensive labs, extra miles and CTF challenges
  • Less experienced students complete what they can during the class, and can continue at their own pace from home using the training portal.

This said, the more you learn about the following ahead of the course, the more you will get out of the course:

  • Linux command line basics