Held in our Cyberlab in Buckinghamshire, this 3-day training course offers a series of educational interactive training sessions where you will gain hands on experience, learning how to identify security flaws in web applications. You will also be able to exploit those security flaws to fully understand the value of fixing them.

Tranchulas online labs are available 24×7 for practising web attacks learnt during training course.

24th – 26th September 2018, Phoenix Datacom Cyberlab, Aylesbury

Download the course outline

IISP Accreditation

The Institute of Information Security Professionals (IISP), UK has assessed and accredited Tranchulas training.

Courses accredited by IISP enable course participants to build knowledge, competency and develop skills to progress their careers. IISP accreditation means that course materials and content have been assessed to ensure that they meet the stated objectives of the course. Furthermore, IISP verifies that the course content meets the competency level of their Skills Framework.

Who should attend?

  • Application Developers

  • Application security managers

  • Security consultants

  • QA testers

  • IT Managers

  • Penetration testers

  • Any security professional who is interested in learning about web application security.

Course attendees need a basic knowledge of HTML and Java Script and must bring their own laptop.

CWASP Certification

This course leads to the exclusive Certified Web Application Security Professional (CWASP) certification, which will test your technical skills on a live but simulated web application where you are expected to discover and exploit security vulnerabilities. Students are required to pass our online lab test in order to receive CWASP certification.

Tranchulas Online Labs

Tranchulas Online Labs are available 24×7 for practicing web attacks learnt during training course. Online labs have several web applications based on real world scenarios which can be exploited and have different difficulty levels. Vulnerabilities include but are not limited to XSS, SQL Injection, CSRF, cookie manipulation, local file inclusion.

Students are required to discover and exploit vulnerabilities in order to pass online labs and receive Tranchulas Certified Web Application Security Professional (CWASP) Certification.

Post Training Support

You can connect with Tranchulas Online labs for 90 days to practice your hacking kung-fu after the training course. During this time our technical team will provide you email/phone/skype support in order to ensure the skills acquired on the training course are being applied correctly.

About the Trainer

Tranchulas training and workshops are conducted by world’s top information security experts. Our instructors are featured speakers at renowned security conferences such as Hack in the Box Malaysia, InfoSek Slovenia, Hack.lu Luxembourg, CONFidence Krakow, Troopers, Shakacon, OWASP Europe and BruCON Belgium.

Entry Requirements

Course attendees need a basic knowledge of of HTML and Java Script and must bring their own laptop computer.

Laptop minimum requirements:

  • CPU: 1.5 GHz or higher

  • Minimum 4 GB RAM

  • 20 GB of free space on your Hard Drive

  • Wireless 802.11 b/g

  • Should have the capability to have local administrator access within the Operating system and disable antivirus if required.

  • You must set up a Windows Virtual machine on your system if your primary OS is not windows.

Register for more information and pricing


  • (Valid work email required.)
    (You can withdraw your consent at any time by using the ‘unsubscribe’ option in the messages you receive from us)