Discover the All Access Pass


WAS 360

Coliseum WAS 360

Curious about this course?

Enroll now and get access to all of our material and labs!


Run labs at your own pace from wherever you are. There's no software to install and you only need a web browser.

Discover Labs

Guided labs

Having difficulty solving the labs? Ask for "tips" during the practical sessions : you'll be guided towards the solution step by step.

Enroll now

Course at a glance

  • Information gathering
  • Web Application Analysis with Burp Suite
  • Covers OWASP Top 10 vulnerabilities
  • Reflected, Stored and DOM XSS
  • SQL Injection techniques
  • Cookie manipulation
  • CSRF
  • Fun challenging scenarios to play with
  • Provides you with guidance during the practical sessions

Course material

  • No videos provided
  • No slides included
  • 13 labs in Coliseum

Course delivery

  • Self-paced
  • On-line access required
  • Access from PC

Test drive this course for free


  • Basic understanding of HTML, HTTP and Javascript.
  • No web development skills required.

This training course is for...

  • Penetration testers
  • Web developers
  • IT admins and staff


Labs are in Coliseum Lab. You can activate lab access within 90 days from enrollment.

This is the list of challenges included in WAS360.

Lab IDDescriptionCategory
Lab 1 Poema Reading Club 1 (Info gathering) Challenge
Lab 2 Poema Reading Club 2 (XSS) Challenge
Lab 3 Poema Reading Club 3 (XSS) Challenge
Lab 4 Poema Reading Club 4 (Dom XSS) Challenge
Lab 5 Poema Reading Club 5 (SQLi) Challenge
Lab 6 Poema Reading Club 7 (SQLi, Cookie Manipulation) Challenge
Lab 7 Arrogant Bank Challenge
Lab 8 Tomato Lovers 1 (File upload) Challenge
Lab 9 Tomato Lovers 2 (File upload) Challenge
Lab 10 Tomato Lovers 3 (CSRF) Challenge
Lab 11 Music Shop 1 Challenge
Lab 12 Music Shop 2 Challenge
Lab 13 Soccer 1 Challenge


  • Armando Romeo
    Armando Romeo

    Armando Romeo is the founder and CEO of eLearnSecurity. Prior to founding eLearnSecurity he has spent 5 years in web application security research with hundreds of vulnerability advisories released. Armando currently leads the R&D team and inspires new projects and new training activities.

Enroll now and get access to all of our material and labs!

Frequently Asked Questions


I'm a Security Analyst. I was thinking that I knew something, now after the labs, I'm sure that I know something!

Luiz Arruda
Security Analyst

The coliseum gave me an opurtunity to play with great tools in a real world scenarios. It really helped me to understand how some of the most dangerous attacks on the web works in a very short time.

IT Security manager

I am a web application penetration tester and it is hard to find quality labs for learning and testing web applications. These labs are right on the money in providing instructions and fun labs that will increase a person's skillsets as a web app pentester.

Penetration Tester

Go to top of page