Offensive Security - Web Hacking

Analytics & Tech
Data Protection

Basic
SkillsFuture
Short Courses
This module is part of (SCTP) Advanced Certificate in Cyber Security (Specialist) (Synchronous E-Learning)

This module is conducted online.

To use your SkillsFuture Credit, please submit your claim through our payment portal. Do not submit the claim manually via the SkillsFuture page. Please refer to our step-by-step guide here.

Next course starts on

To be advised

Fee

SGD3,433.50* (as low as SGD243 after maximum funding) Learn More

Duration

To be advised

Level

Basic

Venue

Online

Who Should Attend

Penetration Testers
Cyber Security Specialists
Security Analysts
Vulnerability Researchers
Security Engineers

PREREQUISITES

Solid understanding of computer networking concepts: Familiarity with IP addresses, protocols such as Transmission Control Protocol/Internet Protocol (TCP/IP), network devices (routers, firewalls), and basic network topologies is crucial
Basic understanding of operating systems: Knowledge of Windows and Linux, including file systems, user accounts, and permissions, would be beneficial
Comfort with Command-Line Interfaces (CLI): Many of the tools used in ethical hacking, like Nmap and Metasploit, operate through a command-line interface
Analytical thinking and problem-solving skills: Ethical hacking involves identifying vulnerabilities and creatively exploiting them
Prior programming experience: While not mandatory, some experience with scripting languages like Python or Bash can be helpful for understanding certain tools and automating tasks
Commitment to ethical hacking practices: This course emphasises using learned skills for authorised penetration testing and vulnerability research, not malicious purpose

Overview

This comprehensive programme equips participants with the knowledge and skills necessary to conduct ethical penetration testing of web applications.

By delving into the core principles of web technology, common attack vectors, and industry-standard tools, participants will gain a comprehensive understanding of web application security vulnerabilities and their mitigation strategies.

Note: This module is not available on a standalone basis.

Learning Objectives

At the end of the 12-day module, participants will be able to:

Understand the inner workings of web applications, including Hypertext Transfer Protocol (HTTP) and the web stack, to identify potential vulnerabilities
Master the Open Worldwide Application Security Project (OWASP) Top 10, a critical framework for identifying and exploiting common web application security risks
Gain expertise in various web application attack vectors, including injection attacks - Structured Query Language (SQL), Cross-Site Scripting (XSS), Cross-Site Request Forgery (CSRF), Operating System (OS) command injection, Denial-of-Service (DoS), Local File Inclusion (LFI), and Remote File Inclusion (RFI)
Utilise Burp Suite, a leading web application security testing tool, to scan for vulnerabilities and manually exploit them in a controlled environment

Assessment

As part of the requirement for SkillsFuture Singapore, there will be an assessment conducted at the end of every module. The mode of assessment varies depending on the modules and it will be either an online quiz or group presentation.

Participants are required to attain a minimum of 75% attendance and pass the associated assessment for each of the 10 modules in order to be eligible for programme funding and to be awarded the digital Advanced Certificate in Cyber Security (Specialist) (Synchronous E-Learning) issued by Singapore Management University.

Fee Table

PARTICIPANT PROFILE	SELF-SPONSORED
Singapore Citizen < 40 years old Permanent Resident	$1,030.05¹
Singapore Citizen ≥ 40 years old⁴	$400.05²
Singapore Citizens who qualify for AFS	$242.55³

All prices include 9% GST
¹Up to 70% course fee funding
²Up to 90% course fee funding under SkillsFuture Mid-Career Enhanced Subsidy ("MCES")
³Up to 95% course fee funding under Additional Funding Support ("AFS") where participants must be:

Singapore Citizens; and
Long-term unemployed individuals (6 months or more); or
Individuals in need of financial assistance [ComCare Short-to-Medium Term Assistance (SMTA) recipients or Workfare Income Supplement (WIS) recipients]; or
Persons with disabilities

⁴SkillsFuture Level-Up Programme for Mid-Career Individuals (NEW)
A SkillsFuture Credit (Mid-Career) top-up of $4,000 will be provided to Singaporeans aged 40 years and above to further offset out-of-pocket course fees for this programme.

Please note that the programme fees are subject to change without prior notice.

Post Secondary Education Account (PSEA)
PSEA can be utilised for subsidised programmes eligible for SkillsFuture Credit support. Click here to find out more.

Self Sponsored

SkillsFuture Credit: Singapore Citizens aged 25 and above may use their SkillsFuture Credits to pay for the course fees. The credits may be used on top of existing course fee funding.

This is only applicable to self-sponsored participants. Application to utilise SkillsFuture Credits can be submitted when making payment for the course via the SMU Academy TMS Portal, and can only be made within 60 days of course start date.

Please click here for more information on the SkillsFuture Credit. For help in submitting an SFC claim, you may wish to refer to our step-by-step guide on claiming SkillsFuture Credits (Individual).
Workfare Skills Support Scheme: From 1 July 2023, the Workfare Skills Support (WSS) scheme has been enhanced. Please click here for more details.