Millions of businesses use the Internet as a cost-effective communications channel. It lets them exchange information with their target market and makes fast, secure transactions. However, effective engagement is only possible when the business can capture and store all the necessary data, and have a means of processing this information and presenting the results to the user. Web applications use a combination of server-side scripts (PHP and ASP) to handle the storage and retrieval of the information, and client-side scripts (JavaScript and HTML) to present information to users. This allows users to interact with the company using online forms, content management systems, shopping carts, and more. In addition, the applications allow employees to create documents, share information, collaborate on projects, and work on common documents regardless of location or device. Based on the information security scene which needs qualified Penetration Testers and Information Security Engineers able to understand secure and test their web applications and perform in-depth penetration testing tasks regarding web applications. At Security Meter Academy, we have the vision to teach the audience how to be the ones who can perform reconnaissance, attack, and report and verify reports created by other penetration testers.