Have the technical ability and expertise to test or evaluate the security of web-based systems/applications by attempting to take over the system using the same techniques or tools used by attackers.

List of web penetration testing skills:

• Basic of Web Application
• Information Gathering
• Brute Force Attack
• Cross Site Scripting (XSS)
• SQL Injection
• CSRF Attack
• Command Injection
• File Upload Vulnerability
• File Inclusion