OWASP gives students an understanding on how each of these vulnerabilities that puts organizations at risk.
Difficulty: Multilevel CSF Domain: All domainsPhishing attacks are the lynchpin of many organizational breaches and exploitations. Cyber security professionals that understand this also understand that many of these attacks are successful due to lack of understanding by end users. This course will teach cyber security professionals how to perform a phishing attack and illustrate the importance of cyber security awareness when browsing the internet.
Part of a comprehensive defense-in-depth implementation includes testing new capabilities and applications before implementing them into an organizations production network. This course illustrates how students can conduct testing against newly developed web applications to ensure they do not pose a risk to organizational assets.
SQL Injection is a common technique used by hackers and red teams to infiltrate database systems via the Web UI. In this lab, we will give student hands-on experience with this type of attack.
Students will learn the importance of data integrity through comparative analysis of hash algorithm output. Leveraging hashing tools, students will learn how to ensure that data is not compromised post-incident.
Students will identify web application cookies, interact with Burp, and a MITM attack.
Students will experience the different components of a distributed denial of service attack.
In early 2018, security researchers discovered several nefarious Chrome extensions that were making unwanted calls to ad servers. This resulted in the removal of these Chrome extensions from the Google Extension Store and a heightened awareness to the possible effects of Chrome extensions on business networks.
Kali Linux has a multitude of command line tools that can be used to harvest DNS information from public servers. As a technical cybersecurity professional, it will be your responsibility to put these tools to use. Also, you will need to use Ubuntu Linux in order to focus your web queries within Google's search engine. In this case, you will be using the Nexus to tie these skills together in order to get familiar with real-world information gathering situations.
Understanding how website applications are developed is an important skill to have when securing your personal or company website. The back and forth communication between a client and a server can be the difference between a secure web app and a vulnerable one. In this lab, as a website application developer, it is your responsibility to understand how HTTP request methods are used and how it ties in to developing a secure website.