App Sec Hacker


Looking to improve your application security testing skills? Or are you planning to sit your CREST Certified Tester (Applications) exam? Our three day intensive application penetration testing training course is aligned to the CCT practical syllabus and comes with access to 4ARMED’s exclusive and comprehensive lab environment.

Our hands-on exercises will put you through your paces and enable you to practice the skills you have been taught and to prepare for the demands of the CCT practical exam.

Course Contents

  • Training Modules
  • Introduction
  • The World Wide Web 101
  • Enumeration
  • Authentication and Session Management
  • Access Control and Cross-Site Request Forgery
  • Cross-Site Scripting
  • SQL Injection
  • XML External Entities
  • Remote Code Execution
  • SSL/TLS Misconfiguration
  • Real World Security Flaws
  • Capture The Flag Exercise

Lab Environment

We have over seventy different practical exercises which you can attempt during the training, covering all the topics listed in the syllabus.

Our labs incorporate numerous technologies including ASP.NET, Java, Ruby on Rails, Node.js, PHP, Microsoft SQL Server, Oracle, PostgreSQL and MySQL with more being added regularly.

Extended access post-course via the Internet can be arranged at a small additional cost.

Who Should Attend?

This course is aimed at application penetration testers who are looking to gain their CCT App qualification. It covers over 90% of the practical elements of the CCT App syllabus and is designed to consolidate existing knowledge, cover any gaps you may have and provide ample opportunity to practice the hands-on skills with our exclusive, custom-built lab environment.

If you are more junior this course can easily be slowed down and tailored to your requirements. We often deliver this training with an extra day so we can dig into the topics in even greater detail and spend more time on the labs. Ask us!


There are minimal equipment requirements for this course.

  • Laptop computer with Internet access
  • Intercepting Proxy installed and working (Burp Suite Professional recommended)
  • Python and Ruby are highly recommended also

Dates and Prices

At your office - Worldwide

4ARMED's trainers quite literally travel the world delivering App Sec Hacker to security testing teams.

Whether you're in the UK, Ireland, Mainland Europe or further afield get in touch with us for a quote to deliver App Sec Hacker to your team.

Train Online

That's right! 4ARMED's App Sec Hacker training course is going online! Soon you'll be able to benefit from our app sec training from the comfort of your own home (or office, or...wherever has an Internet connection). Gain application penetration testing expertise in your slippers, your onesie, hey hack naked if you like! Our videos will walk you through each topic and you'll have exclusive access to your own instance of our bespoke training labs.

To be among the first to find out when App Sec Hacker Online is available plus all the details including pricing, signup to the dedicated mailing list using the form below. This list is only for App Sec Hacker Online, we don't spam or send you other information that's not related directly to this training course.

A select few from our list may even be chosen for early beta access.

Get the latest updates on App Sec Hacker Online

* indicates required

Next Steps

Want to discuss your requirements further? Wondering whether training is right for your business? There's an easy way to find out, give us a call or complete the contact form below to tell us where you're at and we will work with you to find the best solution for you.