Bonsai Information Security - Education


The w3af Training course is focused on manual and automated discovery and exploitation of web application vulnerabilities using w3af. During this course you will also learn how to write your own exploits, web application payloads and customized plugins in order to achieve your goals during a Web Application Penetration Test (WAPT).

This course is a hands-on intensive class in which you will not stop learning for even a minute. In each practice you will find vulnerabilities to discover and exploit, interesting plugin code snippets to analyze and modify, and framework features that will help you automate your penetration testing work.

Our teaching experience, combined with our w3af experience (we wrote it!) helped us create the best w3af Training Course, which was developed for an audience with prior computer security skills and knowledge, especially on Web Application Security. During the course, Web vulnerabilities to be found and exploited will be reviewed, but the course will focus on framework usage and modification.


Training deliverables include:

  1. Booklet with training course slides
  2. Live CD with w3af
  3. VMware image with the training environment

Commercial Web Application Scanners cost thousands of dollars, and they have the same features than w3af.

Use Open Source and lower your costs.
Get a Quotation for a w3af training course given by the w3af project leader!