FREE COURSE: Hack yourself first (before the bad guys do)
by Computerworld, computerworld.com
August 5 03:09 AM
If you can’t think like a hacker, it’s difficult to defend against them. Such is the premise of this free, nine-part online course, presented by Computerworld and training company Pluralsight, about how to go on the cyber-offensive by using some of the same techniques and tools the bad guys do.
This course comes at security from the view of the attacker in that their entry point is typically the browser. They have a website they want to probe for security risks — and now you can learn how they go about it. This approach helps IT managers and staffers, developers and others to begin immediately assessing their applications even when the apps are already running in a live environment without access to the source. After all, that’s what the attackers are doing.
You’ll learn about transport-layer protection, cross-site scripting, cookies, internal implementation disclosure, parameter tampering, SQL injection, cross-site attacks and account management. Exercises, transcripts and online discussions with classmates and the instructor are available. Total running time of the course is 9 hours, 25 minutes.
Course instructor Troy Hunt is a Microsoft MVP for developer security and has been building software for browsers since the very early days of the Web. Troy has produced more than seven top-rated courses for Pluralsight. As the creator of the Automated Security Analyser for ASP.NET Websites (ASafaWeb), Troy blogs regularly about Web security and is a frequent speaker at industry conferences.