Register Account


Thread Rating:
  • 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
Mastering Command Injection - The Ultimate Hands-On Course
#1
[Image: Nqstj4.57o8rnpocu5i.jpg]

Mastering Command Injection - The Ultimate Hands-On Course
Published 9/2023
MP4 | Video: h264, 1280x720 | Audio: AAC, 44.1 KHz
Language: English | Size: 1.13 GB | Duration: 2h 1m
How to Find, Exploit and Defend Against Command Injection Vulnerabilities. For Ethical Hackers, Developers & Pentesters

What you'll learn

Learn how to find command injection vulnerabilities from a black box and white box perspective.

Gain hands-on experience exploiting command injection vulnerabilities using Burp Suite Community and Professional editions.

Learn secure coding practices to prevent and mitigate command injection vulnerabilities.

Learn how to exploit command injection vulnerabilities of varying difficulty levels.

Learn how to automate attacks in Python.

Requirements

Basic knowledge of computers (i.e. how to use the internet).

Basic knowledge of web fundamentals (HTTP requests, methods, cookies, status codes, etc.).

Latest version of Kali Linux VM (free download).

PortSwigger Web Security Academy account to access the labs (free registration).

Description

Command Injection is a critical security vulnerability that allows an attacker to execute arbitrary operating system commands on the server running the application, often leading to complete remote code execution. Therefore, mastering the ability to identify and exploit command injection vulnerabilities has become an essential and foundational skill.In this course, we dive into the technical details behind command injection vulnerabilities. We explore methods for detecting these vulnerabilities from both black-box and white-box perspectives, along with various techniques for exploiting them. Moreover, we provide insights into preventive and mitigative measures to safeguard against command injection attacks.This course goes beyond the basics, offering a well-balanced blend of theoretical knowledge and practical experience! It contains five hands-on labs of varying complexity levels, guiding you through the process of manually exploiting the vulnerability and then scripting and automating your exploits using Python.By the end of this course, you'll not only have a solid understanding of command injection vulnerabilities, but also the ability to identify and exploit these vulnerabilities in real-world applications. We've designed the course content to be beginner-friendly, so you'll never feel overwhelmed.Whether you are a penetration tester, an application security specialist, a bug bounty hunter, a software developer, an ethical hacker, or simply someone intrigued by web application security, this course is for you!

Overview

Section 1: Introduction

Lecture 1 Course Introduction

Section 2: Getting help

Lecture 2 Answering your questions

Lecture 3 Udemy tips and tricks

Section 3: Command Injection - Technical Deep Dive

Lecture 4 Agenda

Lecture 5 What Is Command Injection?

Lecture 6 How Do You Find Command Injection Vulnerabilities?

Lecture 7 How Do You Exploit Command Injection Vulnerabilities?

Lecture 8 How Do You Defend Against Command Injection Vulnerabilities?

Lecture 9 Resources

Section 4: Lab Environment Setup

Lecture 10 Lab Environment Setup

Section 5: Hands-On Command Injection Labs

Lecture 11 Lab #1 OS command injection, simple case

Lecture 12 Lab #2 Blind OS command injection with time delays

Lecture 13 Lab #3 Blind OS command injection with output redirection

Lecture 14 Lab #4 Blind OS command injection with out-of-band interaction

Lecture 15 Lab #5 Blind OS command injection with out-of-band data exfiltration

Section 6: Bonus Lecture

Lecture 16 Bonus Lecture

Penetration testers that want to understand how to find and exploit command injection vulnerabilities.,Software developers that want to understand how to defend against command injection vulnerabilities.,Bug bounty hunters that want to understand how to find and exploit command injection vulnerabilities.,Individuals preparing for the Burp Suite Certified Practitioner (BSCP) exam.,Individuals preparing for the OSWE certification.

Mastering Command Injection - The Ultimate Hands-On Course (1.13 GB)

KatFile Link(s)

[To see links please register or login]

RapidGator Link(s)

[To see links please register or login]

[Image: signature.png]
Reply



Forum Jump:


Users browsing this thread:
1 Guest(s)

Download Now   Download Now
Download Now   Download Now