In January, I was contacted by ECC Code Red with a question whether I could create an information security course on their platform. I had never done that before, so I was a little hesitant about it. I feel confident about my content creation skills; I have done a handful of short presentations both at work and at university - but never a full-blown online course. Nevertheless, that was a great opportunity for me to reach out to a bigger audience, so I accepted the deal.
✔ Who is this course for?
✔ Pentesters and people performing audits of web-facing applications;
✔ Quality Assurance teams, to help them test for potential attack vectors;
✔ Those who want to broaden their knowledge in the cybersecurity field;
⭐ Key features
⭐ Introduce security protocols to your daily work, spot and patch potential attack vectors
⭐ Make yourself more visible among other candidates on the market with a unique and valuable set of skills
⭐ Learning ethical hacking may sound intimidating at first, but by following the lab materials you will gain the confidence to study this area further
This course includes hands-on labs, each supported by a brief introduction to the topic being showcased and concluded with a straight-to-the-point summary. I will guide you through creating your Kali Linux attack environment. We will be working with pre-built vulnerable web applications (Juice Shop, DVWA) when analyzing the newest OWASP Top Ten 2021, a well-known awareness document acting as a standard for developers and web application security specialists. Then, in each section, we will present simplified code and try to fix the vulnerability by applying the suggested prevention techniques.
Source code, links and materials used during the course will be available for you to download.
🍪 By participating in this course, you will:
🍪 discover the latest OWASP Top Ten 2021 list;
🍪 test your understanding on a custom vulnerable application curated specifically for this course;
🍪 familiarize yourself with core pentesting approaches and methods to streamline your future activities;
🍪 practice using popular tools like Burp Suite;
🍪 write your own exploits;
🍪 learn how to write more secure code;
🍪 become less vulnerable to phishing attempts by recognizing them;
🍪 improve your overall security posture.
🔸 Section 1: Introduction and Ethical Hacking
🔸 Section 2: Hacking Lab Setup
🔸 Section 3: Software and Data Integrity Failures (A08:2021)
🔸 Section 4: Identification and Authentication Failures (A07:2021)
🔸 Section 5: Vulnerable and Outdated Components (A06:2021)
🔸 Section 6: Security Misconfiguration (A05:2021)
🔸 Section 7: Injection (A03:2021)
🔸 Section 8: Broken Access Control (A01:2021)
🔸 Section 9: Conclusion
🔍 Still not convinced?
I have put two months of effort into that course, working on it in my spare time. I can vouch for the quality of the content, and I made sure this is not some kind of boring lecture, so I put in as much practice as possible. I know the editorial team at Code Red did their part editing the raw videos, so I know you are getting great value for your money. Also, from what I know, courses on Code Red are packaged in bundles rather than being sold individually, so there is a chance you will find another course to sink into :)
A sneak peek and more are available on the course page.