Web Application Pentester Training

Web Application Penetration Tester training is a professional program aimed at building and improving application security testing skills for your pentester career.

Training Program

The Berezha Web Application Pentester Training program covers the body of knowledge that is required to become a professional in web application security testing.

The training program spans over 14 lessons and there is a potential for a bonus lesson in each group of students. The lessons cover the theoretical background and practical hands-on training in the labs.

After completing the training, all students obtain an attendance certificate. Those who successfully pass the final test get a completion certificate.

Training Schedule

  1. Environment configuration: pitfalls, tips & tricks.
  2. Reconnaissance methodology, tools & hacks.
  3. Server-side attacks: SQLi, SSTI, SSRF, XXE, LFI, etc.
  4. Client-side attacks: XSS, CSRF, etc.
  5. Web service & API (in)security.
  6. Access control, session management & authorization.
  7. Business logic flaws & vulnerabilities.
  8. Security misconfiguration: environment, headers & beyond.
  9. Web sockets as an attack vector.
  10. Crypto & the web.
  11. Deep dive into XSS, SQLi & GraphQL flaws.
  12. IoT security basics.
  13. Cloud security basics.
  14. Reporting, risk management & communications.

Prior Knowledge

For the training to be effective, students must have certain prior knowledge about web application technologies. We expect all students to be familiar with the following:

  1. HTML: you should know different markup tags and their meaning.
  2. JavaScript: there is no need to be an expert for this course, but you should know the basics. If you can pop-up an alert(), you are good to go.
  3. SQL: again, only the basics, we will teach the rest. If you know how to use the main verbs like SELECT – that’s about it.
  4. HTTP: know the protocol structure and its main elements, such as headers, cookies, request types, and (roughly) response codes.

If you are ready to join one of our groups, register now. Our representative will contact you soon with training schedule options and all required paperwork.

Training Price

The Web Application Penetration Tester Training price is 22,000 UAH (VAT excluded).

  1. If paid in full upfront, the cost is 20,000 UAH (ex VAT).
  2. The payment schedule is 50/50: a 50% advance payment before the training starts, and a 50% payment before it is half-over. If you require a more flexible payment schedule, we can discuss it further.
  3. We distribute promo codes at OWASP and NoNameCon events. Ask around, maybe someone you know already has one.
  4. The daytime students of Ukrainian academic institutions and high schools get a 25% discount off the agreed price.
  5. In line with our social responsibility goals, we offer a 40% discount for the former Ukrainian military personnel who are willing to start a career in Application Security.

If you feel that the above list is incomplete and you are in a position to get a discount, please let us know.


The Web Application Pentester Training is taught by Berezha Security professionals who have day-to-day hands-on experience in web application security and penetration testing and hold the best penetration testing certifications themselves.

An expert who is the best fit for each topic presents it to students. There is a person in each team who knows more about something than everybody else. We make sure that a trainer who we all learn from holds a corresponding training session.

Besides the technical expertise, our trainers have the best presenting and training experience. We do corporate training and provide practical workshops in Berezha Security projects and beyond. We arrange webinars, speak at security conferences, and organize them too. All of us are somehow involved in the OWASP Kyiv chapter and the organization of NoNameCon – a practical security conference in Kyiv, Ukraine.

Demo Lessons

Register for training

Share your contacts and tell us a few words about yourself. Our expert will get back to you soon with the training schedule and other details.

Call Us

+1 (315) 303 2323
+380 (44) 364 7336


6 Nimanska St., 41, Kyiv, Ukraine 01103


77 Sichovykh Striltsiv St., Kyiv, Ukraine