• 10 hours
  • Medium

Free online content available in this course.

course.header.alt.is_certifying

Got it!

Last updated on 9/27/24

Get the Most Out of This Course

Wondering how hackers break into applications? Have you heard of OWASP, OSINT, SQL injections, and XSS, but it all still seems a bit vague? Would you like to learn more about attack techniques for assessing website security, and how to secure your web applications reliably and effectively?

Then welcome to this course! You’re about to learn the steps you need to take to conduct a web penetration test!

Meet Your Teachers

Thibaut Bonnetain is a cybersecurity consultant who has spent his entire career conducting penetration tests for clients at companies of all sizes across France and around the world.

Etienne Capgras is responsible for developing OpenClassrooms’ catalog of cybersecurity and IT courses. Before joining OpenClassrooms, he worked for over 10 years in a consulting firm, where he conducted and managed countless security audits, penetration tests, risk analyses, roadmaps, and compliance programs.

Learn About How the Course Works

Before we jump in and get started, we’d like to talk about the structure of this course and give you a few tips on how to get the most out of it.

  • The course is divided into five parts, each with several chapters.

  • Where necessary, chapters begin with an introductory video. This is where you’ll hear from Etienne. He’ll introduce the key points of the course.

  • The main body of each chapter includes text-based content to help you delve deeper into these key concepts, along with demonstration videos to support your learning. This is where you’ll work with Thibaut.

  • You’ll also have the chance to watch interviews with a number of penetration testing experts talking about their experiences.

  • You’ll have regular opportunities to practice in the Over to You! sections.

  • Each part concludes with a quiz where you can test your knowledge and identify the areas you need to work on.

In this course, you’ll learn how to perform a penetration test from start to finish, working through the following phases:

  • Defining the scope of testing (part 1)

  • Conducting the actual test (parts 2, 3, and 4)

  • Reporting the results (part 5)

You’ll learn how to approach the test methodically, and more importantly, how to understand the pentester’s stance and philosophy.

Shadow the Course’s Training Project

You’ll be shadowing Thibaut on a penetration testing project from start to finish, commissioned by a fictional client. This training project will give you an understanding of all the stages and aspects of the job, just as if you were doing an internship with Thibaut.

By shadowing him, you’ll learn how to develop the right stance and apply the best practices. You’ll also get a chance to hear his expert advice and watch his video demonstrations.

Update Your Skills If Necessary

This course is aimed at people with a good grounding in IT, who understand:

  • the technical basics of networks, systems, and how a web application works.

  • the concepts of client-server, network services, and TCP/IP protocols.

We also strongly recommend that you be familiar with the way a command terminal works and the concept of a virtual machine, and know how to virtualize an environment, particularly to install the tool we’ll be using in the course, Kali.

If you feel a little lost on any of the subjects, don’t panic!

Ready to learn more about this fascinating profession? Then let’s get started!

Example of certificate of achievement
Example of certificate of achievement