このコースについて
15,141 最近の表示

100%オンライン

自分のスケジュールですぐに学習を始めてください。

柔軟性のある期限

スケジュールに従って期限をリセットします。

中級レベル

約10時間で修了

推奨:5 hours/week...

英語

字幕:英語

100%オンライン

自分のスケジュールですぐに学習を始めてください。

柔軟性のある期限

スケジュールに従って期限をリセットします。

中級レベル

約10時間で修了

推奨:5 hours/week...

英語

字幕:英語

シラバス - 本コースの学習内容

1
4時間で修了

Injection Web App Attacks and Their Defenses

In this module we will learn how to hack web app with command injection vulnerability with only four characters malicious string. We will learn how to hack web app with database backend with SQL injection vulnerability and potentially show the list of passwords by injecting string to overwrite SQL query. We will learn how to perform code review to spot the key statements/their patterns that expose the programs for such injection attacks and learn how to patch them. We will learn how to apply security design pattern to defend injection attacks and enhance web security.

...
4件のビデオ (合計34分), 2 readings, 2 quizzes
4件のビデオ
Command Injection11 分
Review Code to Detect Pattern to Defend Command Injection12 分
Apply Security Design Pattern to Defend Command Injection Attack6 分
2件の学習用教材
OWASP Command Injection30 分
Detecting Command Injection30 分
1の練習問題
Exam 3.1. Assessing Injection Web App Attacks and Their Defenses30 分
2
6時間で修了

Hack SQL Databases and Patch Web Apps with SQL Injection Vulnerabilities

In this module we will learn how to hack web app with database backend with SQL injection vulnerability and potentially show the list of passwords by injecting string to overwrite SQL query.We will learn how to perform code review to spot the key statements/their patterns that expose the programs for such injection attacks and learn how to patch them. We will learn the eight-step hacker methodology for exploit systems. For the escalating privilege techniques, we show how to leverage command injection vulnerability to search file systems and deposit/hide Trojans for future exploit.

...
6件のビデオ (合計54分), 5 readings, 2 quizzes
6件のビデオ
Patching Web App with SQL Injection Vulnerability5 分
Hacking Methodology9 分
Demystify New OS/PL Will Not Have Injection Vulnerabilities8 分
Escalate Privileges via Deploying Trojan10 分
Escalate Privileges by Bringing in Sophisticated Trojan8 分
5件の学習用教材
SQL Injection30 分
SQL Injection Prevention Cheat Sheet30 分
Red Teaming: The Art of Ethical Hacking30 分
Understanding Privilege Escalation30 分
National Vulnerability Database Entry30 分
1の練習問題
Exam 3.2. Assessing SQL Injection and Hacking Methodology30 分
3
2時間で修了

Memory Attacks and Defenses

In this module, we learn about the typical protection mechanism provided by the modern OS to prevent process from accessing other pages data belong different process. We will also learn buffer overflow attacks and their common defenses.

...
4件のビデオ (合計51分), 2 readings, 1 quiz
4件のビデオ
Variables Allocation in Virtual Memory Layout5 分
Buffer Overflow14 分
Buffer Overflow Defense15 分
2件の学習用教材
OWASP Memory Leaks30 分
OWASP Buffer Overflow Attacks30 分
1の練習問題
Exam 3.3. Assessing Buffer Overflow Attacks and Defenses30 分
4
4時間で修了

Penetration Testing

In this module we will learn how to perform Vulnerability Scanning with Nessus tool, learn to perform penetration testing using tools included in Kali Linux distribution and to use Metasploit Framework to take control a vulnerable machine, deploy keylogger, run remote shell and remote VNC injection. We will also learn how to clone an AWS P2.xlarge GPU instance from a Ubuntu image with hashcat software to crack passwords.

...
6件のビデオ (合計37分), 3 readings, 2 quizzes
6件のビデオ
Vulnerability and WannaCry Ransomware7 分
Penetration Testing with Kali Linux6 分
Metasploit Framework10 分
Keylogging3 分
Remote VNC Server Injection1 分
3件の学習用教材
Nessus Training30 分
Kali Linux & Documentation30 分
Metasploit Resources30 分
1の練習問題
Exam 3.4. Assessing the Scanning and Penetration Testing Skills22 分
4.1
12件のレビューChevron Right

Hacking and Patching からの人気レビュー

by KSMay 8th 2019

this is my passion , coursera you did good effort make efficent learning.

講師

Avatar

Edward Chow

Professor
Computer Science

University of Colorado Systemについて

The University of Colorado is a recognized leader in higher education on the national and global stage. We collaborate to meet the diverse needs of our students and communities. We promote innovation, encourage discovery and support the extension of knowledge in ways unique to the state of Colorado and beyond....

Fundamentals of Computer Network Securityの専門講座について

This specialization in intended for IT professionals, computer programmers, managers, IT security professionals who like to move up ladder, who are seeking to develop network system security skills. Through four courses, we will cover the Design and Analyze Secure Networked Systems, Develop Secure Programs with Basic Cryptography and Crypto API, Hacking and Patching Web Applications, Perform Penetration Testing, and Secure Networked Systems with Firewall and IDS, which will prepare you to perform tasks as Cyber Security Engineer, IT Security Analyst, and Cyber Security Analyst. The learning outcomes of this specialization include: you should be able to create public/private keys, certificate requests, install/sign/verify them for web server and client authentication, secure emails, and code signing. you should be able to write secure web apps with Crypto API to implement the confidentiality, integrity, and availability basic security services. you should be able to hack web applications with vulnerabilities and patch them. you should be able to apply penetration testing tool to exploit vulnerable systems. you should be able to crack passwords given the hashes in password file using AWS P2 GPU. you should be able to configure firewall and IDS for secure network systems you should be able to specify effective security policies and implement efficient enforcement procedures by applying security design principles for securing network systems....
Fundamentals of Computer Network Security

よくある質問

  • 修了証に登録すると、すべてのビデオ、テスト、およびプログラミング課題(該当する場合)にアクセスできます。ピアレビュー課題は、セッションが開始してからのみ、提出およびレビューできます。購入せずにコースを検討することを選択する場合、特定の課題にアクセスすることはできません。

  • コースに登録する際、専門講座のすべてのコースにアクセスできます。コースの完了時には修了証を取得できます。電子修了証が成果のページに追加され、そこから修了証を印刷したり、LinkedInのプロフィールに追加したりできます。コースの内容の閲覧のみを希望する場合は、無料でコースを聴講できます。

さらに質問がある場合は、受講者向けヘルプセンターにアクセスしてください。