Have you ever wondered about how web applications are attacked in the real world and what you can do to mitigate every attack? The Web Defense Professional Learning Path will illustrate exactly how each attack works, what the impact of each attack is, how to fix it, and how the exploit no longer works after the fix. This learning path will also give you in-depth, practical advice about how to simplify your defense and how to implement attack mitigations that actually work (regardless of you having access to the source code or not). In addition, it will cover mitigation advice for multiple platforms and languages, the OWASP Testing Guide, detailed techniques and methodology to simplify the defense of web applications, advanced usage of OWASP ZAP, OWASP OWTF, ModSecurity, and more. The Web Defense Professional Learning Path also prepares you for the eWDP exam and certification.
ادامه مطلب

The Advanced Penetration Testing Learning Path provides all the advanced skills required to carry out a thorough and professional penetration test against modern networks and infrastructure, such as the ability to execute state-sponsored-like operations and advanced adversary simulations.

You must be familiar with PowerShell scripting, Active Directory administration and Windows internals knowledge, basic reverse engineering skills, and possess a good working knowledge of network protocols, as the content dives into all stages of a red-teaming engagement.

Learning path at a glance:
-Implementation details on numerous undocumented attacks
-Obscure ways of exploitation and backdooring
-Advanced client-side exploitation techniques
-Custom attack vector and payload creation
-Custom payload creation techniques
-In-depth analysis of Active Directory exploitation
-Stealthy lateral movement and evasion against modern defenses
-In-depth analysis of critical domain infrastructure exploitation
-In-depth details of common misconfigurations and weaknesses
-Details for covert operations and stealthy persistence

eCPTX

ادامه مطلب

If you’re looking for the most practical way into the exploit development and software security world look no further. The Exploit Development Student Learning Path provides not only the fundamentals of Windows and Linux exploit development but also covers advanced Windows and Linux exploit development techniques, as well as anti-exploit mechanism bypasses. In addition, you’ll learn software debugging, shellcoding, how to identify and fully exploit 0-day vulnerabilities, bypassing modern anti-exploit mechanisms, how to use tools such as Immunity Debugger, x32dbg, Mona, Pwntools, GDB, RopperThis, and more. This learning path also prepares you for the eCXD exam and certification.

eCXD

ادامه مطلب
Are you looking to gain the theoretical and practical knowledge required to perform advanced reverse engineering of third-party software and malware on the assembly language level? The Reverse Engineering Professional Learning Path will teach you several methods to identify, isolate, and finally, analyze portions of code which are of high interest, as well as the most common Windows APIs utilized for file, memory, and registry manipulation by either software protections (such as packers) or malware. During the learning process, you will also get insights into the most common anti-reversing tricks, including different code obfuscation methods, and how to bypass them. The Reverse Engineering Professional Learning Path also prepares you for the eCRE exam and certification.
Learning Objects
  1. Reverse Engineering Foundations
  2. Practical Reverse Engineering

eCRE

ادامه مطلب

Interested in assessing and mitigating advanced web application risks an organization could potentially be exposed to? The Advanced Web Application Penetration Tester Professional Learning Path provides all the advanced skills necessary to carry out a thorough and advanced penetration test against modern web applications, as well as prepares you for the eWPTX exam and certification.

Learning Objective:

-Based on techniques professional pentesters use
-Master advanced Web Application attacks & security tools
-In-depth Web Application Vulnerabilities analysis
-Covers XSS, SQL Injection, HTML5, and much more
-In-depth obfuscation and encoding techniques
-Bypassing filters and WAF techniques included
-Explore HTML5 and XML attacks vectors and exploits
-Explore advanced PHP, Java, Deserialization, LDAP, Server Side, and Authentication/SSO attacks
-Learn effective API & Cloud-powered Application penetration testing
-Demystifies Java RCE internals, attacking RMI-based JMX services, JNDI injection attacks, PHP Objection Instantiation, PHP Type Juggling, constructing Property Oriented Programming chains, and attacking memory-unsafe languages

eWPTX

ادامه مطلب

Interested in learning how to assess and mitigate real-world web application vulnerabilities an organization could potentially be exposed to? The Web Application Penetration Testing Learning Path is a comprehensive and structured journey designed to equip aspiring penetration testers, Web App Security Professionals, Bug Bounty Hunters, and web developers with the essential skills and knowledge required to plan and perform a thorough and professional web application penetration test and how to effectively identify, exploit, and mitigate vulnerabilities in modern web applications. The Web Application Penetration Tester Professional Learning Path provides you with all the advanced skills required to carry out a thorough and professional penetration test against modern web applications, as well as prepares you for the eWPTv2 exam and certification.

Learning Objects

  1. Web Application Penetration Testing Methodology

  2. Information Gathering & Reconnaissance

  3. Web Application Analysis & Inspection

  4. Web Application Vulnerability Assessment

  5. Web Application Security Testing

  6. Manual exploitation of Common Web Application Vulnerabilities

  7. Web Service Security Testing

eWPTv2

ادامه مطلب