About the course
Offensive Security Web Expert (OSWE)
Demonstrates fluency in the art of exploiting front-facing web applications
- Earned by completing a 24-hour online certification exam
- Pre-Requisite Course: Advanced Web Attacks and Exploitation (AWAE)
- Exam labs is a virtual network consisting of various web applications and operating systems
- Proves a clear and practical understanding of the web application assessment and hacking process
- An OSWE is able to identify vulnerabilities in web applications using various technologies and exploit them
Real World Exams
The OSWE examination is comprised of a virtual network consisting of various web applications and operating systems. The successful examinee will demonstrate their ability to fingerprint the web applications, identify any vulnerabilities found, and successfully exploit them. The candidate is required to submit a comprehensive penetration test report, containing in-depth notes and screen shots detailing their findings. Points are awarded for each compromised host, based on their difficulty and level of access obtained.
Real World Benefits
An OSWE, by definition, is able to identify existing vulnerabilities in web applications using various technologies and execute organized attacks in a controlled and focused manner. An OSWE is able to do more than launch pre-written exploits but is also able to audit code successfully. The twenty-four-hour examination also demonstrates that OSWE’s have a certain degree of persistence and determination. Perhaps more importantly, an OSWE has demonstrated their ability to think “outside the box” and “laterally.”
OSWE HOLDERS CAN
- Audit web application code to find vulnerabilities.
- Develop exploits for vulnerable web applications.
- Analyze, correct, modify and port exploit code.
- Implement various techniques to bypass sanitization filters.
- Demonstrate creative problem solving and lateral thinking.