About this Course
최근 조회 16,189

다음 전문 분야의 4개 강좌 중 3번째 강좌:

100% 온라인

지금 바로 시작해 나만의 일정에 따라 학습을 진행하세요.

유동적 마감일

일정에 따라 마감일을 재설정합니다.

중급 단계

완료하는 데 약 10시간 필요

권장: 5 hours/week...

영어

자막: 영어

다음 전문 분야의 4개 강좌 중 3번째 강좌:

100% 온라인

지금 바로 시작해 나만의 일정에 따라 학습을 진행하세요.

유동적 마감일

일정에 따라 마감일을 재설정합니다.

중급 단계

완료하는 데 약 10시간 필요

권장: 5 hours/week...

영어

자막: 영어

강의 계획 - 이 강좌에서 배울 내용

1
완료하는 데 4시간 필요

Injection Web App Attacks and Their Defenses

In this module we will learn how to hack web app with command injection vulnerability with only four characters malicious string. We will learn how to hack web app with database backend with SQL injection vulnerability and potentially show the list of passwords by injecting string to overwrite SQL query. We will learn how to perform code review to spot the key statements/their patterns that expose the programs for such injection attacks and learn how to patch them. We will learn how to apply security design pattern to defend injection attacks and enhance web security.

...
4 videos (Total 34 min), 2 readings, 2 quizzes
4개의 동영상
Command Injection11m
Review Code to Detect Pattern to Defend Command Injection12m
Apply Security Design Pattern to Defend Command Injection Attack6m
2개의 읽기 자료
OWASP Command Injection30m
Detecting Command Injection30m
1개 연습문제
Exam 3.1. Assessing Injection Web App Attacks and Their Defenses30m
2
완료하는 데 6시간 필요

Hack SQL Databases and Patch Web Apps with SQL Injection Vulnerabilities

In this module we will learn how to hack web app with database backend with SQL injection vulnerability and potentially show the list of passwords by injecting string to overwrite SQL query.We will learn how to perform code review to spot the key statements/their patterns that expose the programs for such injection attacks and learn how to patch them. We will learn the eight-step hacker methodology for exploit systems. For the escalating privilege techniques, we show how to leverage command injection vulnerability to search file systems and deposit/hide Trojans for future exploit.

...
6 videos (Total 54 min), 5 readings, 2 quizzes
6개의 동영상
Patching Web App with SQL Injection Vulnerability5m
Hacking Methodology9m
Demystify New OS/PL Will Not Have Injection Vulnerabilities8m
Escalate Privileges via Deploying Trojan10m
Escalate Privileges by Bringing in Sophisticated Trojan8m
5개의 읽기 자료
SQL Injection30m
SQL Injection Prevention Cheat Sheet30m
Red Teaming: The Art of Ethical Hacking30m
Understanding Privilege Escalation30m
National Vulnerability Database Entry30m
1개 연습문제
Exam 3.2. Assessing SQL Injection and Hacking Methodology30m
3
완료하는 데 2시간 필요

Memory Attacks and Defenses

In this module, we learn about the typical protection mechanism provided by the modern OS to prevent process from accessing other pages data belong different process. We will also learn buffer overflow attacks and their common defenses.

...
4 videos (Total 51 min), 2 readings, 1 quiz
4개의 동영상
Variables Allocation in Virtual Memory Layout5m
Buffer Overflow14m
Buffer Overflow Defense15m
2개의 읽기 자료
OWASP Memory Leaks30m
OWASP Buffer Overflow Attacks30m
1개 연습문제
Exam 3.3. Assessing Buffer Overflow Attacks and Defenses30m
4
완료하는 데 4시간 필요

Penetration Testing

In this module we will learn how to perform Vulnerability Scanning with Nessus tool, learn to perform penetration testing using tools included in Kali Linux distribution and to use Metasploit Framework to take control a vulnerable machine, deploy keylogger, run remote shell and remote VNC injection. We will also learn how to clone an AWS P2.xlarge GPU instance from a Ubuntu image with hashcat software to crack passwords.

...
6 videos (Total 37 min), 3 readings, 2 quizzes
6개의 동영상
Vulnerability and WannaCry Ransomware7m
Penetration Testing with Kali Linux6m
Metasploit Framework10m
Keylogging3m
Remote VNC Server Injection1m
3개의 읽기 자료
Nessus Training30m
Kali Linux & Documentation30m
Metasploit Resources30m
1개 연습문제
Exam 3.4. Assessing the Scanning and Penetration Testing Skills22m
4.1
12개의 리뷰Chevron Right

Hacking and Patching의 최상위 리뷰

대학: KSMay 8th 2019

this is my passion , coursera you did good effort make efficent learning.

강사

Avatar

Edward Chow

Professor
Computer Science

콜로라도 대학교 정보

The University of Colorado is a recognized leader in higher education on the national and global stage. We collaborate to meet the diverse needs of our students and communities. We promote innovation, encourage discovery and support the extension of knowledge in ways unique to the state of Colorado and beyond....

Fundamentals of Computer Network Security 전문 분야 정보

This specialization in intended for IT professionals, computer programmers, managers, IT security professionals who like to move up ladder, who are seeking to develop network system security skills. Through four courses, we will cover the Design and Analyze Secure Networked Systems, Develop Secure Programs with Basic Cryptography and Crypto API, Hacking and Patching Web Applications, Perform Penetration Testing, and Secure Networked Systems with Firewall and IDS, which will prepare you to perform tasks as Cyber Security Engineer, IT Security Analyst, and Cyber Security Analyst. The learning outcomes of this specialization include: you should be able to create public/private keys, certificate requests, install/sign/verify them for web server and client authentication, secure emails, and code signing. you should be able to write secure web apps with Crypto API to implement the confidentiality, integrity, and availability basic security services. you should be able to hack web applications with vulnerabilities and patch them. you should be able to apply penetration testing tool to exploit vulnerable systems. you should be able to crack passwords given the hashes in password file using AWS P2 GPU. you should be able to configure firewall and IDS for secure network systems you should be able to specify effective security policies and implement efficient enforcement procedures by applying security design principles for securing network systems....
Fundamentals of Computer Network Security

자주 묻는 질문

  • 강좌에 등록하면 바로 모든 비디오, 테스트 및 프로그래밍 과제(해당하는 경우)에 접근할 수 있습니다. 상호 첨삭 과제는 이 세션이 시작된 경우에만 제출하고 검토할 수 있습니다. 강좌를 구매하지 않고 살펴보기만 하면 특정 과제에 접근하지 못할 수 있습니다.

  • 강좌를 등록하면 전문 분야의 모든 강좌에 접근할 수 있고 강좌를 완료하면 수료증을 취득할 수 있습니다. 전자 수료증이 성취도 페이지에 추가되며 해당 페이지에서 수료증을 인쇄하거나 LinkedIn 프로필에 수료증을 추가할 수 있습니다. 강좌 내용만 읽고 살펴보려면 해당 강좌를 무료로 청강할 수 있습니다.

궁금한 점이 더 있으신가요? 학습자 도움말 센터를 방문해 보세요.