Web applications provide the interface between end users and web servers. In this course, we look at web application attacks, the associated tools and techniques used, and mitigation strategies. An ethical hacker is a person who attacks an organization's security on behalf of its owners in order to discover vulnerabilities. Instead of taking advantage of these vulnerabilities, the ethical hacker reports them to the organization who can then put in place the appropriate countermeasures to protect themselves against malicious hackers This course is the eleventh in a series of courses which can used in preparation for the Certified Ethical Hacker 312-50 exam. The course has been developed in partnership with EC-Council and is based on their Ethical Hacking and Countermeasures course materials and labs.