1. Home
  2. /
  3. Courses
  4. /
  5. Offensive Security
  6. /
  7. Web Penetration Testing

Web Penetration Testing

$ 2.000/0.07430862

In this course, we will look at all the vulnerabilities associated with web applications and proprietary web services. These vulnerabilities will be tested in black box and white box. In Black Box mode, special Web Fuzzing and Web Crawling techniques can be used. The process of preparing laboratory environments to detect vulnerabilities will also be in the form of a White Box, which can lead to the emergence of critical level vulnerabilities and the chain of Remote Code Execution attacks.

View full Syllabus

Out of stock

How to Access: Online
Access Time: Unlimited
Course Level: Beginner + Intermediate + Advanced
Category: Offensive Security
  • Access to the LMS section is provided only with the Safe Exam Browser, which is only available on Windows, macOS, and iOS operating systems.


  • Windows 10 and 11 are preferred.
  • Windows 7 and 8.1 will also work.
  • Dual-core processor (2+ GHz).
  • 4+ GB of RAM.
  • Chrome, Firefox or Microsoft Edge will also work.


  • OS X El Capitan
  • Dual-core 1.2 GHz Intel Core M processor.
  • 4+ GB of RAM.
  • Chrome, Firefox or Safari will also work.

Online Lab Exercises

  • Access to the online laboratory can be achieved with any browser and any operating system, and there are no obstacles in the laboratory section.

Access: Unlimited access from registration to forever.100%


Language: Training courses are designed in Persian and English.100%


Pace: Learning is guided and available anytime from 24 hours.100%


Virtual lab access: access is granted until practical challenges are solved.100%


Downloads: If you use scripts and similar things, they will be available for download.100%


Learning environment: access to LMS will be based on desktop, mobile and tablet browsers.100%


Guided Videos: A complete tutorial video is provided for each topic.100%



There are no reviews yet.

Only logged in customers who have purchased this product may leave a review.

Dedicated Laboratory

Awarding a Valid Certificate

Unlimited Access

Course Quality

  • In cybersecurity training courses, all dimensions and aspects of a subject are not addressed, and this problem causes the operational capacity of students to decrease significantly.
  • In the offensive security courses designed under the supervision of Anon’s research team, a content strategy is defined, based on which every topic raised in the educational syllabus is studied and taught from all technical aspects.
  • The content strategy in penetration testing courses is as follows:
  1. The cause of the vulnerability event
  2. How to detect vulnerability as a black box
  3. How to discover vulnerability as a white box
  4. How to obfuscate and bypass defense mechanisms
  5. How to exploit and design the exploitation chain

Learning Management System

  • The online education management system will have the task of intelligent and browser-based guidance of users, as well as the establishment of theoretical and practical tests.
  • Another task of this system will be to record the duration of courses and completion of course topics, so that it can finally display accurate statistical information to the companies applying for human resources and the users themselves.
  • In this system, there are two contents of the course, the first is the educational videos of each lesson and their topics, the second is an online booklet, which is presented on the page of each lesson and all the points of that topic, and users can read them in the LMS system.
  • It should be noted that the videos and texts of the training course are only available through the LMS system and cannot be downloaded or copied, of course, course users will always have access to the training system for a lifetime.

Online Laboratory

  • Another feature of this course is to have an online operational laboratory that is designed for each of the Syllabus topics, at least three to five different scenarios and with the approach of the real event environment of that topic.
  • Access to each of the lab sections is such that any lesson that is opened to users according to the LMS educational path, will be available to users according to that lesson’s online laboratory section, and as long as the user has operational challenges If you don’t do it, the next lesson won’t open.
  • The duration of access to each part of the online laboratory is unlimited, of course, until the user passes the practical challenge. If the challenge is passed, that challenge will be removed from the user’s reach and the next challenges will be opened.
  • An information counter has been placed in the online laboratory to track all the events and academic trends of the users and show them to the users themselves, this information will also be used in order to rank the users.

Operational Virtual Machine

  • In the training courses of the Unk9vvN research team, two virtual machines are given to the users in order to carry out the operational commands in the real world, also based on the studies carried out in the courses.
  • The first virtual machine is a Windows Server 2022, which will have all the tools of the offensive security fields, tools that will be available with just one click, in this virtual machine, all the tools based on the Windows operating system have been tried Useful to collect.
  • The second virtual machine is the Kali Linux operating system, which has been designed and provided to users in a personalized way with more comprehensive and complete tools than before.
  • The reason for providing these two operational virtual machines is that users can have a complete and comprehensive environment for their operational needs without worrying and increase the speed of their tests.

Cheat Sheet and Checklist

  • For each training course, a cheat sheet is provided, which is designed as a complete, dedicated manual and is provided to users, this manual is aimed at facilitating the implementation of test operations that users should use in the operational part, these manuals It will include the introduction of quality tools and how to use them for all kinds of tests.
  • In addition to the cheat sheet, a comprehensive and complete checklist is provided so that users, after learning the lessons presented in the course, based on that checklist and cheat sheet, can perform security assessments and specifically discover weak and vulnerable points.

Association with Teachers

  • Course users can be in direct contact with professors on two communication platforms, the first is the Discord program for weekly voice question and answer sessions, the second is the Telegram program and a semi-private group for raising questions and specialized discussions with professors and course designers.
  • The training courses of the Anon research team are not based on one person and are designed by a team, therefore, in relation to any technical problems or questions, users can communicate with the designers and professors of the course on the mentioned platforms on a daily basis. And raise their issues.

Domestic and Foreign Jobs

  • Offensive security specialties, especially penetration testing, are always offered alongside defensive security services, and experts in this field can provide great help to a professional cybersecurity solution. Therefore, penetration testing jobs are always needed both inside Iran and outside Iran, and they offer appropriate salaries.
  • To check penetration testing jobs in Iran, you can refer to jobvision.ir and jobinja.ir, and also for jobs in this field outside of Iran, you can refer to infosec-jobs.com and indeed.com websites. Evaluate the careers of this field.


  • Red team members
  • Vulnerability assessment experts
  • Penetration testers
  • Security consultants
  • Developers
  • IT managers
  • System Architects
  • Software students
  1. Basics of Network
  2. Basics of Linux
  3. Basics of HTML and CSS
  4. Basics of JavaScript and NodeJS
  5. Basics of JSON and XML
  6. Basics of SQL and NoSQL
  7. Basics of PHP
  8. Basics of Java
  9. Basics of C-Sharp
  10. Basics of ASP.NET
  11. Professional Python


  1. Web Protocols
  2. Web Frameworks

Information Gathering

  1. Reconnaissance
  2. Open Source Intelligence

Web Vulnerabilities

  1. Misconfiguration
  2. Identity Management
  3. Broken Authentication
  4. Broken Authorization
  5. Session Management
  6. Input Validation
  7. Error Handling
  8. Weak Cryptography
  9. Business Logic
  10. Client Side
  11. API Attacks
  • You can perform an in-depth analysis of the open source code of web applications without compilation.
  • Identify logical vulnerabilities that many enterprise scanners fail to detect.
  • Participating in bug bounty programs and discovering Critical level vulnerabilities.
  • Providing web penetration testing services at the organizational and public level.

Related Courses