Application Vulnerability Testing
- Description
- Curriculum
- Reviews
Description
This course provides a comprehensive introduction to web and binary exploitation, offering practical skills for identifying and addressing vulnerabilities in cybersecurity. It begins with an exploration of web technologies, including DNS, HTTP, URLs, and cookies, followed by an in-depth study of exploitation techniques such as SQL Injection, Cross-Site Scripting, and Command Injection, reinforced by quizzes. The focus then shifts to binary exploitation, covering ELF files, memory structures, and assembly instructions, with hands-on training in Buffer Overflows, Return-Oriented Programming, and challenges like ret2win and ret2libc. Designed for those interested in ethical hacking or penetration testing, this course delivers a solid foundation in analyzing and mitigating security risks across both web and binary environments.
Learning Objectives:
- Understand the fundamentals of web and binary exploitation techniques.
- Identify common vulnerabilities in web applications, such as SQL Injection.
- Gain experience in using tools like Burp Suite and GDB for vulnerability testing and analysis.
- Dive into binary exploitation methods such as ret2shellcode, ret2win, and ret2libc.
- Apply secure coding and ethical hacking practices to prevent and mitigate vulnerabilities.
-
2
Introduction to Web ExploitationThis module introduces web exploitation fundamentals, covering DNS, HTTP over TCP, URL anatomy, HTTP requests, status codes, cookies, sessions, web file structures, request generation, and developer tools, all tied to the attack chain phases. -
3
Introduction to Web Exploitation Quiz
-
4
Web Exploitation TechniquesThis module dives into key web exploitation techniques, including Command Injection, SQL Injection, Insecure Direct Object Reference (IDOR), Local File Inclusion (LFI), Server-Side Template Injection (SSTI), Cross-Site Request Forgery (CSRF), and Cross-Site Scripting (XSS), while exploring tools and mitigation strategies to counter these vulnerabilities.
-
5
Web Exploitation Techniques Quiz
-
6
Binary Exploitation FundamentalsThis module introduces binary exploitation, outlining prerequisites and tools, and delving into ELF files, executable programs, libc shared objects, memory layouts, registers, assembly instructions, the stack, calling conventions, and security mitigations like NX, ASLR, Stack Canary, and RELRO.
-
7
Binary Exploitation Fundamentals Quiz
-
8
Binary Exploitation TechniquesThis module explores advanced binary exploitation techniques, including Buffer Overflow, Variable Overwrite challenges with GDB demos, system calls, Shellcode Execution, ROP (Return-Oriented Programming), stack alignment, and guided challenges like ret2shellcode, ret2win, and ret2libc, plus Heap and Kernel Exploitation.
-
9
Binary Exploitation Techniques Quiz
