Objectif Sécurité offers one-day training sessions on the secure development of on-line applications. Based on demos and experience from over a hundred audits, the training describes the classical errors that we discover when working with our customers (which are documented at OWASP). To help the developers to systematically avoid errors we also present the basics of secure development methods. Finally, the participants get to do practical exercises where they pretend to be a hacker and try to exploit errors on websites prepared by ourselves. The training is typically given by two instructors of Objectif Sécurité to small groups of developers.