Online Course
Hacking and Patching
University of Colorado System via Coursera
-
890
-
- Write review
Overview
Class Central Tips
Syllabus
- In this module we will learn how to hack web app with command injection vulnerability with only four characters malicious string. We will learn how to hack web app with database backend with SQL injection vulnerability and potentially show the list of passwords by injecting string to overwrite SQL query. We will learn how to perform code review to spot the key statements/their patterns that expose the programs for such injection attacks and learn how to patch them. We will learn how to apply security design pattern to defend injection attacks and enhance web security.
Hack SQL Databases and Patch Web Apps with SQL Injection Vulnerabilities
-In this module we will learn how to hack web app with database backend with SQL injection vulnerability and potentially show the list of passwords by injecting string to overwrite SQL query.We will learn how to perform code review to spot the key statements/their patterns that expose the programs for such injection attacks and learn how to patch them. We will learn the eight-step hacker methodology for exploit systems. For the escalating privilege techniques, we show how to leverage command injection vulnerability to search file systems and deposit/hide Trojans for future exploit.
Memory Attacks and Defenses
-In this module, we learn about the typical protection mechanism provided by the modern OS to prevent process from accessing other pages data belong different process. We will also learn buffer overflow attacks and their common defenses.
Penetration Testing
-In this module we will learn how to perform Vulnerability Scanning with Nessus tool, learn to perform penetration testing using tools included in Kali Linux distribution and to use Metasploit Framework to take control a vulnerable machine, deploy keylogger, run remote shell and remote VNC injection. We will also learn how to clone an AWS P2.xlarge GPU instance from a Ubuntu image with hashcat software to crack passwords.
Taught by
Edward Chow
Related Courses
-
Fundamentals of Computer Network Security
University of Colorado System
-
Exploiting and Securing Vulnerabilities in Java Applications
University of California, Davis
-
Identifying Security Vulnerabilities
University of California, Davis
-
DDoS Attacks and Defenses
University of Colorado System
-
Secure Coding Practices
University of California, Davis
-
Penetration Testing: Advanced Kali Linux
Reviews
0.0 rating, based on 0 reviews