In this article, you will find answers to the following questions:
- What are the WEB-300 support hours?
- What are the prerequisites for Advanced Web Attacks and Exploitation?
- What are the reporting requirements?
- How do I get CPE points for WEB-300?
Live Support and the Orders Department are available 24/7. You can find all of our Department's contact details here.
Advanced Web Attacks and exploitation (WEB-300) is an advanced web application security course that teaches the skills needed to conduct white box web app penetration tests.
Familiarity with Linux, comfort reading and writing at least one coding language. Ability to write simple Python / Perl / PHP / Bash scripts, experience with web proxies and general understanding of web app attack vectors, theory, and practice, are required.
The only report that is required for the WEB-300 course is the exam report, should you choose to attempt the OSWE certification exam. If you do not wish to take the certification exam but would like to claim CPE credits, you will need to provide us with a report in PDF format containing your completed module labs.
If you have passed your OSWE exam, you may qualify for 40 CPE points, which you must submit yourself via the ISC2 members site. If you have not passed the exam or opted not to take it, you must submit your lab documentation to challenges AT offensive-security DOT com for review to qualify for the CPE points. In case of an ISC audit, we will provide you with a formal letter of attendance.