Ir al contenido principal

Penetration Testing - Exploitation

Learn exploitation phase of penetration testing, including the foundations of explorations, application debugging, reverse engineering, exploitation development and web application exploitation.

Penetration Testing - Exploitation

Hay una sesión disponible:

Una vez finalizada la sesión del curso, será archivado.
Comienza el 21 oct
5 semanas estimadas
8–10 horas por semana
A tu ritmo
Avanza a tu ritmo
Gratis
Verificación opcional disponible

Sobre este curso

Omitir Sobre este curso

This is the 8th course in the intermediate, undergraduate-level offering that makes up the larger Cybersecurity Fundamentals MicroBachelors Program. We recommend taking them in order, unless you have a background in these areas already and feel comfortable skipping ahead.

  1. Information Security - Introduction to Information Security
  2. Information Security - Authentication and Access Control
  3. Information Security - Advanced Topics
  4. Network Security - Introduction to Network Security
  5. Network Security - Protocols
  6. Network Security - Advanced Topics
  7. Penetration Testing - Discovering Vulnerabilities
  8. Penetration Testing - Exploitation
  9. Penetration Testing - Post Exploitation

These topics build upon the learnings that are taught in the introductory-level Computer Science Fundamentals MicroBachelors program, offered by the same instructor.

This is a self-paced course that continues the development of ethical hacking skills. The curriculum provides an introduction to the exploitation phase of penetration testing topics. Among the topics covered are foundations of explorations, application debugging, reverse engineering, exploitation development, and web application exploitation. In this class, students learn the third phase of penetration testing; exploitation. In the exploitation phase, the penetration testers try to exploit security weaknesses actively. Exploits are developed to, for example, gather sensitive information or to enable the ethical hacker to compromise a system and manifest themselves on it. Once a device is successfully compromised, it is quite often possible to penetrate more systems because the malicious users now have access to more potential targets that were not available before. The additional marks are accessible because the compromised system can interact with internal devices that are not accessible from the Internet. For any new targets, the reconnaissance and enumeration phases are re-entered, to gather information about these new systems and exploit them.

Industry Certification Preparation
This program covers much of the material that is assessed on the CompTIA’s Security+ certification exam. Upon program completion, verified track learners will receive a 36% discount code for the CompTIA Security+ exam.

Coaching
If you are enrolled in the verified track (paid track) in any course that is a part of a MicroBachelors program, including this course, you are eligible for coaching at no additional cost. Please note that coaching is only available via SMS to U.S. phone lines.

Our coaches (real humans) are ready to help you with career exploration, navigating resources, staying motivated, and solving problems along the way to your goals.

Learn more about the value of coaching directly from one of our coaches, Erin.

De un vistazo

Lo que aprenderás

Omitir Lo que aprenderás
  1. Apply methodology to penetration tests to ensure they are consistent, reproducible, rigorous, and under quality control.
  2. Analyze the results from automated testing tools to validate findings, determine their business impact, and eliminate false positives.
  3. Discover key application flaws.
  4. Use programming to create testing and exploitation scripts during a penetration test.
  5. Discover and exploit SQL Injection flaws to determine true risk to the victim organization.
  6. Create configurations and test payloads within other web attacks.
  7. Fuzz potential inputs for injection attacks.
  8. Explain the impact of exploitation of application flaws.
  9. Analyze traffic between the client and server application using tools.
  10. Discover and exploit Cross-Site Request Forgery (CSRF) attacks.

Plan de estudios

Omitir Plan de estudios

Week 1 - Exploitation Pt 1 - Foundations

Week 2 - Exploitation Pt 2 – App Debugging Reversing, and Exploit Development

Week 3 - Exploitation – Web App Pt 1

Week 4 - Exploitation – Web App Pt 2

Week 5 - Final Exam

Acerca de los instructores

¿Quién puede hacer este curso?

Lamentablemente, las personas residentes en uno o más de los siguientes países o regiones no podrán registrarse para este curso: Irán, Cuba y la región de Crimea en Ucrania. Si bien edX consiguió licencias de la Oficina de Control de Activos Extranjeros de los EE. UU. (U.S. Office of Foreign Assets Control, OFAC) para ofrecer nuestros cursos a personas en estos países y regiones, las licencias que hemos recibido no son lo suficientemente amplias como para permitirnos dictar este curso en todas las ubicaciones. edX lamenta profundamente que las sanciones estadounidenses impidan que ofrezcamos todos nuestros cursos a cualquier persona, sin importar dónde viva.

¿Te interesa este curso para tu negocio o equipo?

Capacita a tus empleados en los temas más solicitados con edX para Negocios.