Online Course
Hacking and Patching
University of Colorado System via Coursera
Found in
Cybersecurity Courses
- Provider Coursera
- Cost Free Online Course (Audit)
- Session In progress
- Language English
- Certificate Paid Certificate Available
- Duration 4 weeks long
- Learn more about MOOCs
Taken this course? Share your experience with other students. Write review
This course is part of:
Overview
Class Central Tips
In this MOOC, you will learn how to hack web apps with command injection vulnerabilities in a web site of your AWS Linux instance. You will learn how to search valuable information on a typical Linux systems with LAMP services, and deposit and hide Trojans for future exploitation. You will learn how to patch these web apps with input validation using regular expression. You will learn a security design pattern to avoid introducing injection vulnerabilities by input validation and replacing generic system calls with specific function calls. You will learn how to hack web apps with SQL injection vulnerabilities and retrieve user profile information and passwords. You will learn how to patch them with input validation and SQL parameter binding. You will learn the hacking methodology, Nessus tool for scanning vulnerabilities, Kali Linux for penetration testing, and Metasploit Framework for gaining access to vulnerable Windows Systems, deploying keylogger, and perform Remote VNC server injection. You will learn security in memory systems and virtual memory layout, and understand buffer overflow attacks and their defenses. You will learn how to clone a Kali instance with AWS P2 GPU support and perform hashcat password cracking using dictionary attacks and known pattern mask attacks.
Syllabus
Injection Web App Attacks and Their Defenses
- In this module we will learn how to hack web app with command injection vulnerability with only four characters malicious string. We will learn how to hack web app with database backend with SQL injection vulnerability and potentially show the list of passwords by injecting string to overwrite SQL query. We will learn how to perform code review to spot the key statements/their patterns that expose the programs for such injection attacks and learn how to patch them. We will learn how to apply security design pattern to defend injection attacks and enhance web security.
Hack SQL Databases and Patch Web Apps with SQL Injection Vulnerabilities
-In this module we will learn how to hack web app with database backend with SQL injection vulnerability and potentially show the list of passwords by injecting string to overwrite SQL query.We will learn how to perform code review to spot the key statements/their patterns that expose the programs for such injection attacks and learn how to patch them. We will learn the eight-step hacker methodology for exploit systems. For the escalating privilege techniques, we show how to leverage command injection vulnerability to search file systems and deposit/hide Trojans for future exploit.
Memory Attacks and Defenses
-In this module, we learn about the typical protection mechanism provided by the modern OS to prevent process from accessing other pages data belong different process. We will also learn buffer overflow attacks and their common defenses.
Penetration Testing
-In this module we will learn how to perform Vulnerability Scanning with Nessus tool, learn to perform penetration testing using tools included in Kali Linux distribution and to use Metasploit Framework to take control a vulnerable machine, deploy keylogger, run remote shell and remote VNC injection. We will also learn how to clone an AWS P2.xlarge GPU instance from a Ubuntu image with hashcat software to crack passwords.
- In this module we will learn how to hack web app with command injection vulnerability with only four characters malicious string. We will learn how to hack web app with database backend with SQL injection vulnerability and potentially show the list of passwords by injecting string to overwrite SQL query. We will learn how to perform code review to spot the key statements/their patterns that expose the programs for such injection attacks and learn how to patch them. We will learn how to apply security design pattern to defend injection attacks and enhance web security.
Hack SQL Databases and Patch Web Apps with SQL Injection Vulnerabilities
-In this module we will learn how to hack web app with database backend with SQL injection vulnerability and potentially show the list of passwords by injecting string to overwrite SQL query.We will learn how to perform code review to spot the key statements/their patterns that expose the programs for such injection attacks and learn how to patch them. We will learn the eight-step hacker methodology for exploit systems. For the escalating privilege techniques, we show how to leverage command injection vulnerability to search file systems and deposit/hide Trojans for future exploit.
Memory Attacks and Defenses
-In this module, we learn about the typical protection mechanism provided by the modern OS to prevent process from accessing other pages data belong different process. We will also learn buffer overflow attacks and their common defenses.
Penetration Testing
-In this module we will learn how to perform Vulnerability Scanning with Nessus tool, learn to perform penetration testing using tools included in Kali Linux distribution and to use Metasploit Framework to take control a vulnerable machine, deploy keylogger, run remote shell and remote VNC injection. We will also learn how to clone an AWS P2.xlarge GPU instance from a Ubuntu image with hashcat software to crack passwords.
Taught by
Edward Chow
Help Center
Most commonly asked questions about Coursera
Review for Coursera's Hacking and Patching Based on 1 reviews
- 5 star 100%
- 4 star 0%
- 3 star 0%
- 2 star 0%
- 1 star 0%
Did you take this course? Share your experience with other students.
Write a review- 1
Anonymous
Anonymous
is taking this course right now.
I strongly recommend shadownethacker44@gmail.com I have used him quite a number of times and he has never disappointed me.
He does all types of mobile hacks, get unrestricted and unnoticeable access to your partner/spouse, Skype, Facebook Account, Email(s), Whatsapp, Instagram, Text messages, Twitter, Bank accounts, office files etc. Getting the job done is as simple as sending an email to shadownethacker44@gmail.com stating what you want to do.
He does all types of mobile hacks, get unrestricted and unnoticeable access to your partner/spouse, Skype, Facebook Account, Email(s), Whatsapp, Instagram, Text messages, Twitter, Bank accounts, office files etc. Getting the job done is as simple as sending an email to shadownethacker44@gmail.com stating what you want to do.
Was this review helpful to you?
Yes
- 1
Never Stop Learning!
