Web Applications Security

Web Applications Security

Web Applications Security

Who should attend ?

Web Application Developers, Web Site Admins, IT Security Centre Personnel, Auditors, Cyber Security Experts.


Basic knowledge of web technologies.

Course Syllabus

  • Information gathering
  • Configuration management flaws
  • Input / output manipulation
    • Cross Site Scripting (XSS)
    • Injection flaws: SQL Injection, OS command injection etc.
  • User authentication flaws
  • Authorization flaws
  • Session management flaws
    • Session fixation
    • Session hijacking
    • Cross Site Request Forgery (CSRF)
  • Application logic
  • Log management
  • Failure management
  • Secure application management



3 Days.


The attendees will learn important security components of HTTP based applications, most common mistakes, how to avoid making these mistakes and how to assure sustainable application security.

Course Tutor

Muharrem Aydın

Computer Engineer, Cyber Security Expert, IT Lawyer

After 10 years of software engineering experience with titles of software developer, product manager, and integration architect, I have been working in cyber security domain for last 10 years. I am not only a cyber security expert but also the head and kick-starter of a cyber security consultancy unit.

In security field, I have performed dozens of penetration tests for institutes from different sectors: finance, military, state agencies, and telcos.

I have been consulting different compaines in security field which includes global banks such as ING Bank, HSBC, CitiBank and more.

In addition, I am an adjunct instructor in a university and teaching cyber security for years.

I involved in technical areas and has taken responsibilities in:

  • Penetration tests (Pentests) and security audits
  • Cyber security training & consultancy
  • Source code analysis & secure software development
  • Cyber security incident response
  • Information security management system (ISMS) consultancy Open source cyber security systems, such as OpenVAS, OSSEC, OSSIM, Snort, Suricata, mod security

I’m creating my courses by using my know-how and 10 years of experience. As a result, our first course “Hacking Web Applications and Penetration Testing: Fast Start!” has gained “Best Seller” reputation in its category.

I have risen a lot of cyber security experts from scratch, and you are the next.