WEB-200 Offensive Security PDF Link

It is always recommended to check the official Offensive Security website for the most current pricing, promotions, and subscription details.

Exploitation Focus: Students learn to move beyond simple alert(1) proof-of-concept payloads to session hijacking via cookie theft (which only works when the session cookie lacks the HttpOnly flag), keylogging, and forcing unauthorized administrative actions from inside the victim's browser.

SQL Injection (SQLi)

The OSWA exam is a fully practical, proctored challenge. You are given a specific timeframe to identify vulnerabilities and exploit target systems to collect flags.

The Official WEB-200 Syllabus covers a broad spectrum of modern web attack vectors:

When you register for WEB-200, OffSec provides an extensive PDF manual alongside video modules and lab access. Navigating a massive technical PDF can be overwhelming. To study effectively, structure your personal notes and cheat sheets using the following framework:

Create a Payload Matrix

The official PDF/guide acts as a structured textbook covering complex web protocols, injection techniques, and cross-site scripting vulnerabilities. It translates dense web development concepts into offensive security methodologies.

A Warning on Third-Party and Pirated PDFs

Arguably the best free resource for web security. It aligns perfectly with the topics found in WEB-200.

Manual and automated techniques using tools like sqlmap.

The vulnerability exists entirely in client-side JavaScript (DOM-based XSS) rather than in server-side code.

Forcing the hosting server to issue requests on the attacker's behalf, reaching internal network services that are not exposed externally.
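The defensive counterpart of that attack is the check a URL-fetching feature must apply before the server makes the request. The following is an added example, not course material: the function names (check_outbound_url, is_blocked_address, fake_resolver) and the FAKE_DNS records are this example's own, constructed so it runs offline. It rejects non-HTTP schemes, userinfo tricks such as http://trusted@10.0.0.1/, IPv4-mapped IPv6 literals, and names where any resolved address is non-public.

```python
import ipaddress
import socket
from urllib.parse import urlsplit

# Added example, not from WEB-200. All names below are this example's own.


def resolve_all(host):
    """Default resolver: every IPv4/IPv6 address the name currently maps to."""
    return sorted({info[4][0] for info in socket.getaddrinfo(host, None)})


def is_blocked_address(ip_text):
    """True for anything that is not a public, globally routable address."""
    ip = ipaddress.ip_address(ip_text)
    mapped = getattr(ip, "ipv4_mapped", None)
    if mapped is not None:   # ::ffff:127.0.0.1 is 127.0.0.1 in an IPv6 wrapper
        ip = mapped
    # not is_global covers loopback, RFC 1918, link-local (169.254.0.0/16,
    # where cloud metadata services live), 0.0.0.0/8, shared address space, ULA
    return not ip.is_global


def check_outbound_url(url, resolver=resolve_all):
    """Decide whether the server may fetch `url` on a user's behalf."""
    try:
        parts = urlsplit(url)
        host = parts.hostname   # raises ValueError for a malformed IPv6 literal
    except ValueError as exc:
        return False, f"unparseable URL: {exc}"
    if parts.scheme not in ("http", "https"):
        return False, f"scheme {parts.scheme!r} not allowed"   # file://, gopher://, dict://
    if parts.username is not None or parts.password is not None:
        return False, "userinfo in URL"   # http://trusted.example@10.0.0.5/ targets 10.0.0.5
    if not host:
        return False, "no host"
    try:
        addresses = resolver(host)
    except OSError as exc:
        return False, f"cannot resolve {host}: {exc}"
    if not addresses:
        return False, f"{host} has no addresses"
    for addr in addresses:   # every answer must be public, not just the first
        if is_blocked_address(addr):
            return False, f"{host} resolves to non-public address {addr}"
    return True, "ok"


# Constructed DNS data so the example runs offline; a real deployment uses resolve_all.
FAKE_DNS = {
    "example.org": ["93.184.216.34"],
    "metadata.internal": ["169.254.169.254"],
    "rebind.test": ["93.184.216.34", "127.0.0.1"],   # one public and one loopback answer
}


def fake_resolver(host):
    """Offline stand-in for resolve_all; IP literals resolve to themselves."""
    if host in FAKE_DNS:
        return FAKE_DNS[host]
    try:
        ipaddress.ip_address(host)
    except ValueError:
        raise OSError(f"unknown host {host}")
    return [host]


if __name__ == "__main__":
    for candidate in (
        "https://example.org/avatar.png",
        "http://metadata.internal/latest/meta-data/",
        "http://[::ffff:127.0.0.1]/admin",
        "http://example.org@10.0.0.5/",
        "file:///etc/passwd",
    ):
        print(candidate, "->", check_outbound_url(candidate, fake_resolver))
```

Two caveats a practitioner should keep in mind: the check resolves the name once and the HTTP client resolves it again, so a DNS-rebinding host can pass the check and then answer with 127.0.0.1; pin the vetted IP when connecting (sending the original Host header) to close that gap. Likewise, a redirect from an allowed host to an internal address bypasses the check unless redirects are disabled or each hop is re-validated.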

Used when the application does not return data or errors directly. Attackers use Boolean logic (True/False responses) or time delays (pg_sleep(), WAITFOR DELAY) to exfiltrate data one character at a time; a binary search over each character's code point keeps this to a handful of requests per character rather than one per candidate value.

Cross-Site Request Forgery (CSRF)

The course provides deep dives into the industry's most common and dangerous flaws. This includes Cross-Site Scripting (XSS), SQL Injection (SQLi), Cross-Site Request Forgery (CSRF), Server-Side Request Forgery (SSRF), XML External Entities (XXE), Server-Side Template Injection (SSTI), and Command Injection.

Analyzing request/response cycles, headers, cookies, and session tokens.

Exploiting CORS misconfigurations and CSRF.

The OSWA Certification Exam

The learning ecosystem consists of three primary components:

Time management is critical during the exam. Successful students often script their exploits using Python. Automating multi-step vulnerabilities—such as blind SQL injection data extraction or multi-stage XSS-to-CSRF chains—ensures speed and accuracy when targeting multiple exam hosts.