Hack YourSelf First

The training “Hack Yourself First” is focussed on developers building up cyber-offense skills and proactively seeking out security vulnerabilities in their own applications before an attacker does.

15+ Years Experience
Learn from industry leaders
Tailor-made Learning Journeys
Become the expert you want to be!
Hands-On Approach
Immediately start applying your craft
Rated 8,9
Highly reviewed by your peers

Upcoming courses

  • DevSecOps Engineer
  • English
2 days
09:00 - 17:00
Lunch incl.

Short summary

The prevalence of online attacks against websites has accelerated quickly in recent years and the same risks continue to be readily exploited. However, these are very often easily identified directly within the browser; it’s just a matter of understanding the vulnerable patterns to look for. This training comes at security from the view of the attacker in that their entry point is typically the application. They have a website for example and they want to probe it for security risks and this is how they go about it. The approach is more reflective of the real online threat than reviewing source code is and it empowers participants to begin immediately assessing their applications even when they’re running in a live environment without access to the source.

How can I test my applications for security so that security bugs can be fixed?

Our Trainer


Mohammed Siyam
DevSecOps consultant

Mohammed Siyam is a Security Architect at DevOn. He works with various distributed Agile and Scrum teams in helping them deliver secure software sustainably at speed and scale. Siyam is passionate about Software Security, Cloud Security and enjoys sharing his knowledge through various trainings.

Course objectives

The learning objectives for Hack Yourself First training include an understanding of:

  • Intermediate level of knowledge to identify potential application security flaws.
  • The many number of tools and secrets used by Ethical hackers world wide Brief overview of security controls techniques
  • Being able to ethically hack web application right after stepping out of the class Practical, hands-on, and real-world workshop enables learning by actually hacking
  • Being able to recognize patterns and common vulnerabilities
  • Being able to classify risks and report them responsibly

Course topics

  • The Forrest Rabbit Analogy
  • Disclaimer and Responsible activities
  • Defining a Risk
  • The HTTP Protocol
  • Cookies
  • The OWASP foundation and projects
  • The Penetration Testing Methodology
  • Learning to Install the tools of the trade
  • Introducing our vulnerable applications of the day
  • Learning to Identify Injection flaws- SQL Injection- Operating System Command Injections- Exploitation
  • How to – Session Hijacking and Privilege Escalations
  • A look at Transport Layer security The CIAo The Certificates and the Authorities Audit process
  • Summing the Information Disclosure Flaws
  • Learning to Identify
  • Reporting Guidelines
  • Risk Classification Guidelines

Target audience

The target audience for the Hack Yourself First training include Developers, Programmers, Quality Analysts, Testers, Architects with 1. Understanding of what is HTML, CSS, JavaScript 2. Ability to understand int result = 0; result = sum (2 + 3);

Top reviews of our trainings

  • Enthusiastic and flexible

    Henri Dijk / Agile Coach at Centric DevOps Foundation
  • Really good structure, clean code part

    Pascal Piduhn TDD
  • Good idea of what DevOps is about

    Sven Markus / Agile Coach & Project succes consultant at Blue Bricks DevOps Foundation
  • Nice to be able to apply the principles yourself

    Nadia Quality Code using SOLID principles
  • Good concrete examples!

    Derk Snijders / Software Developer bij Carthago ICT Quality Code using SOLID principles
  • Good way of bringing information.

    Bert van de Hel Kubernetes

Training dates

Payment methods

Need help?

Please contact us via email or call us by the number stated below. We are more than happy to help you.

+31 (0)15 - 241 19 00

What’s next for me?

Take a look at what trainings you should follow next to become a true expert in your field.

Certified DevOps Professional

2-days training
(CDP)® Certified DevOps Professional

Security testing (coming soon)

1-day training


What if I book a date, but then have to reschedule?

After your registration has been confirmed, you are still able to change the date up to 20 days before the first day of the training. You are able to do this once. Please send your request to academy@devon.nl or call +31(0)15-24 11 900 for further assistance.

What if not enough people have signed up for the course?

Two weeks before each training, we will check if we have enough participants for the training course to be valuable and continue. If this is not the case, we will inform you by e-mail, with options for a new date and location. After this notification, you will have the right to cancel or change your registration within 5 working days.

How can I pay?

On the website you can choose to pay via iDeal, creditcard or by invoice with a payment period of 30 days.

Which languages do you offer your courses in?

Most of our courses are available in both English and Dutch. We have a selection of training courses which are only available in English, which will be on that training page. Our rule of thumb for courses in the Netherlands is – the course is in English unless everybody speaks Dutch, then the course is in Dutch. If you want to be sure you are in a Dutch course, please get in touch with academy@devon.nl in case the information on a specific date is not available on the course page.

What do the costs include?

Unless mentioned otherwise, the course fee includes the cost of training material, exam cost, the use of the location, catering and parking.

Only one or two locations are visible. How is that possible?

When you click on the orange arrow, the menu will unfold further. More locations and dates might appear.

Is VAT included in the prices shown?

The costs that apply to our programs initiated from the Netherlands are exempt from sales tax as per Article 11-1-o of the 1968 Sales Tax Act. In other locations/countries, the prices shown are excluding VAT, which will be added.

Can I still register for the training?

Is the ‘register’ headline visible? This means you can register and attend the training. Does the headline say ‘full’? Give us a call and we’ll try and help you out!

What language is the course material in?

All course material for the open registrations is in English.

When will I receive my exam code?

If you are doing the PSD (Scrum.org) or one of the certified DevOps Institute trainings, you will receive your exam code on the final day of the training.

What is your payment term?

We have a payment term of up to 30 days

Not sure if this course is for you?