EC-Council’s Web Application Hacking and Security is a specialization certification that enables the cybersecurity workforce to learn, hack, test, and secure web applications from existing and emerging security threats in the industry verticals. Understand, Exploit, And Defend Yourself Against Topmost Web Vulnerabilities With A Comprehensive Hands-On, Lab-Based, Guided, Mastery Course Designed By The Team That Brought You CEH

  • Advanced Web Application Penetration Testing
  • Advanced SQL Injection (SQLi)
  • Reflected, Stored and DOM-based Cross Site Scripting (XSS)
  • Cross Site Request Forgery (CSRF) – GET and POST Methods
  • Server-Side Request Forgery (SSRF)
  • Security Misconfigurations
  • Directory Browsing/Bruteforcing
  • CMS Vulnerability Scanning
  • Network Scanning
  • Auth Bypass
  • Web App Enumeration
  • Dictionary Attack
  • Insecure Direct Object Reference Prevention (IDOR)
  • Broken Access Control
  • Local File Inclusion (LFI)
  • Remote File Inclusion (RFI)
  • Arbitrary File Download
  • Arbitrary File Upload
  • Using Components with Known Vulnerabilities
  • Command Injection
  • Remote Code Execution
  • File Tampering
  • Privilege Escalation
  • Log Poisoning
  • Weak SSL Ciphers
  • Cookie Modification
  • Source Code Analysis
  • HTTP Header modification
  • Session Fixation
  • Clickjacking

EC-Council Web Application Hacking and Security

ادامه مطلب

SEC595 provides students with a crash-course introduction to practical data science, statistics, probability, and machine learning. The course is structured as a series of short discussions with extensive hands-on labs that help students to develop useful intuitive understandings of how these concepts relate and can be used to solve real-world problems. If you’ve never done anything with data science or machine learning but want to use these techniques, this is definitely the course for you! 30 Hands-on Labs

ادامه مطلب

The ability to perform digital investigations and incident response is a critical skill for many occupations. Unfortunately, digital investigators frequently lack the training or experience to take advantage of the volatile artifacts found in physical memory. Volatile memory contains valuable information about the runtime state of the system, provides the ability to link artifacts from traditional forensic analysis (network, file system, registry), and provides the ability to ascertain investigative leads that have been unbeknownst to most analysts. Malicious adversaries have been leveraging this knowledge disparity to undermine many aspects of the digital investigation process with such things as anti-forensics techniques, memory resident malware, kernel rootkits, and encryption (file systems, network traffic, etc.). The only way to turn-the-tables and defeat a creative digital human adversary is through talented analysts.

This course demonstrates why memory forensics is a critical component of the digital investigation process and how investigators can gain the upper hand. The course will consist of lectures on specific topics in Windows, Linux, and Mac OS X memory forensics followed by intense hands-on exercises to put the topics into real world contexts. Our goal is to give you practical experience with all the major facets of memory analysis. For example, you’ll defeat disk encryption, recover cached passwords, investigate insider theft, compliment network forensics with data you find in memory, and hunt for attackers throughout corporate networks. We still leave enough room for detecting common RATs and hacker tools, reversing packed/compressed malicious code, and generating timelines from memory. You’ll even customize your own automated memory artifact scanner and engage in a fast-paced, challenging CTF that involves corroborating evidence across multiple memory samples (i.e., Windows PCs, Linux servers).

Memory Analysis: Malware and Memory Forensics Training

ادامه مطلب

This course teaches the foundations of satellite cybersecurity by guiding you through the reconnaissance, communication dissection, decoding, and vulnerability analysis of satellite systems through interactive activities and tutorials. Learn about the underlying concepts of what makes satellite network infrastructure function and apply your knowledge to conduct digital forensics on real life satellites in orbit.

Syllabus

Satellite Reconnaissance

Communication Analysis and Eavesdropping

Reverse Engineering and Decoding Communication

Vulnerabilities and Attacks

Aerospace Cybersecurity: Satellite Hacking (W53)

ادامه مطلب

EC-Council Certified DevSecOps Engineer (ECDE) is a hands-on, instructor-led comprehensive DevSecOps certification program which helps professionals to build essential knowledge and abilities in designing, developing, maintaining a secure applications and infrastructure. This course is blended with both theoretical knowledge as well as the practical implementation of DevSecOps in your on-prem and cloud-native (AWS and Azure) environment The course covers integration and automation of all the major and widely used tools, processes, and methodologies of DevSecOps that help organizations to build secure applications rapidly in a DevOps environment

Syllabus

Module 01: Understanding DevOps Culture
Module 02: Introduction to DevSecOps
Module 03: DevSecOps Pipeline-Plan Stage
Module 04: DevSecOps Pipeline-Code Stage
Module 05: DevSecOps Pipeline-Build and Test Stage
Module 06: DevSecOps Pipeline-Release and Deploy Stage
Module 07: DevSecOps Pipeline-Operate and Monitor Stage

EC-Council: Certified DevSecOps Engineer

ادامه مطلب

Introducing the first Blockchain Professional Training and Blockchain Certification Program to set the global standard in Blockchain Technology. The Certified Blockchain Professional (CBP) Course was developed to help professionals gain the knowledge they need in Blockchain technology to understand its impact on business and beyond. The Certified Blockchain Professional is fully vendor-agnostic and practical, focusing on the current state of blockchain technology as well as its future potential. The Certified Blockchain Professional course digs deep into the main characteristics and features of the distributed ledger technology (DLT) as well as introduces Blockchain’s new 3S (Secure-Scalable-Sustainable) proprietary framework. Students will also get a deep understanding of blockchain technology and mining of cryptocurrency.

Syllabus

Chapter 1 – Introduction
Chapter 2 – Financial Applications
Chapter 3 – Crypto Assets
Chapter 4 – Blockchain Project Implementation
Chapter 5 – Bitcoin
Chapter 6 – Blockchain as a Service
Chapter 7 – Security
Chapter 8 – Ethereum
Chapter 9 – Open-Source Biz
Chapter 10 – Decentralized Apps
Chapter 11 – Scalable Blockchain
Chapter 12 – Industry Use Cases
Chapter 13 – IoT and Blockchain

EC-Council: Certified Blockchain Professional For Business Leaders

ادامه مطلب