• Length:
    5 Weeks
  • Effort:
    8–10 hours per week
  • Price:

    FREE
    Add a Verified Certificate for $166 USD

  • Institution
  • Subject:
  • Level:
    Intermediate
  • Language:
    English
  • Video Transcript:
    English
  • Course Type:
    Self-paced on your time

Associated Programs:

About this course

Skip About this course

This is a self-paced course that continues the development of ethical hacking skills. The curriculum provides an introduction to the exploitation phase of penetration testing topics. Among the topics covered are foundations of explorations, application debugging, reverse engineering, exploitation development, and web application exploitation. In this class, students learn the third phase of penetration testing; exploitation. In the exploitation phase, the penetration testers try to exploit security weaknesses actively. Exploits are developed to, for example, gather sensitive information or to enable the ethical hacker to compromise a system and manifest themselves on it. Once a device is successfully compromised, it is quite often possible to penetrate more systems because the malicious users now have access to more potential targets that were not available before. The additional marks are accessible because the compromised system can interact with internal devices that are not accessible from the Internet. For any new targets, the reconnaissance and enumeration phases are re-entered, to gather information about these new systems and exploit them.

What you'll learn

Skip What you'll learn
  1. Apply methodology to penetration tests to ensure they are consistent, reproducible, rigorous, and under quality control.
  2. Analyze the results from automated testing tools to validate findings, determine their business impact, and eliminate false positives.
  3. Discover key application flaws.
  4. Use programming to create testing and exploitation scripts during a penetration test.
  5. Discover and exploit SQL Injection flaws to determine true risk to the victim organization.
  6. Create configurations and test payloads within other web attacks.
  7. Fuzz potential inputs for injection attacks.
  8. Explain the impact of exploitation of application flaws.
  9. Analyze traffic between the client and server application using tools.
  10. Discover and exploit Cross-Site Request Forgery (CSRF) attacks.

Week 1 - Exploitation Pt 1 - Foundations

Week 2 - Exploitation Pt 2 – App Debugging Reversing, and Exploit Development

Week 3 - Exploitation – Web App Pt 1

Week 4 - Exploitation – Web App Pt 2

Week 5 - Final Exam

Meet your instructors

Aspen Olmsted
Adjunct Professor
New York University Tandon School of Engineering

Pursue a Verified Certificate to highlight the knowledge and skills you gain
$166 USD

View a PDF of a sample edX certificate
  • Official and Verified

    Receive an instructor-signed certificate with the institution's logo to verify your achievement and increase your job prospects

  • Easily Shareable

    Add the certificate to your CV or resume, or post it directly on LinkedIn

  • Proven Motivator

    Give yourself an additional incentive to complete the course

  • Support our Mission

    EdX, a non-profit, relies on verified certificates to help fund free education for everyone globally

Who can take this course?

Unfortunately, learners from one or more of the following countries or regions will not be able to register for this course: Iran, Cuba and the Crimea region of Ukraine. While edX has sought licenses from the U.S. Office of Foreign Assets Control (OFAC) to offer our courses to learners in these countries and regions, the licenses we have received are not broad enough to allow us to offer this course in all locations. EdX truly regrets that U.S. sanctions prevent us from offering all of our courses to everyone, no matter where they live.