인프런 - 라이프타임 커리어 플랫폼

Many security hacking incidents are occurring by utilizing OSINT (Open Source Intelligence) search services. We will discuss how to utilize it to first monitor and eliminate potential security threats from an offensive perspective before an attack occurs.

Network packet analysis is essential when conducting incident analysis and vulnerability analysis. Among the tools available, Wireshark is the most widely used, and this course covers the complete utilization of Wireshark and provides understanding through incident analysis case studies.

This is an introductory malware analysis course that even beginners can easily understand. Based on methodologies such as static analysis, dynamic analysis, and automated analysis of malware analysis, you will analyze various sample cases. It also covers in detail how to use various tools necessary for malware analysis.

You can learn about the functional utilization of OWASP-ZAP, a web proxy required for running web services, and the virtual environment image Security Onion for analyzing breach response according to attack patterns.

From beginners to practitioners who are curious about mock hacking work and web application vulnerabilities, it can be viewed. The following contents are covered: Bee-box is a virtual environment where bWAPP (buggy Web Application), an open source web application that can attack web vulnerabilities, is installed, and it includes the latest system attack techniques and the difficulty level is adjusted for each item.

This is a practical course that allows you to learn and practice from basic app analysis to applying source code response measures using an Android mobile virtual banking app. It is a course that can be taken from beginners to intermediate or higher. It is a required subject for those who have chosen the mock hacking career path.!!

RTL (Red Team Lite) is an introductory red team course that teaches the concepts and technical elements required for full-chain red team penetration testing—including attacker infrastructure setup, C2 advancement, payload creation, information gathering, initial compromise, foothold establishment, privilege escalation, lateral movement, post-exploitation, and data exfiltration—through real-world attacker TTPs.

This lecture is designed for understanding even if you have no prior knowledge of what Secure Coding (Security Coding) is. After covering basic security coding concepts, it focuses on web service security. This was a special lecture presented under the auspices of OO University. It presents over 160 source codes with rich comments, pinpointing core topics and techniques immediately applicable in practice.

We have created a method for mobile diagnostic methods (static/dynamic) that can be learned by following the practice app and lecture materials. It covers everything from the basics to the techniques and tips used in practice, so it will be of great help to mobile consultants.

The ultimate web hacking! File upload vulnerability attack technique! Part 2 of the 'Part 1' education follows Part 1 and covers more advanced techniques.

The ultimate web hacking! File upload vulnerability attack technique! Part 2 of the '2nd part' education follows Part 1 and covers more advanced techniques.

We will take a closer look at the working principles through core theories and practices of the OAuth 2.0 protocol. And we will analyze the OAuth 2.0 protocol from the perspective of hacking and security.

The ultimate web hacking master! File upload vulnerability attack technique! This is a training that will further improve the students' web hacking skills through a completely different approach from the existing known methods!

You can learn how to fully utilize Frida, which is used in mock hacking practice.

This lecture is a free special lecture for those who have chosen a career in IT security from Boan Project (www.boanproject.com). It will be especially helpful if you have chosen a career in mock hacking.

This course is a guide for those who have chosen a career in IT security or those who wish to pursue it.

[Reflecting the latest related regulations and guidelines presented by the Korea Financial Security Institute, Financial Supervisory Service, and Personal Information Protection Commission] This is a course where you learn how an organization's security governance and internal control systems should operate through actual financial security incident cases. You will analyze the causes of incidents and response processes, and based on this, learn effective security policy establishment, risk management, and compliance response methods. The goal is to build security culture and control systems across the entire organization, going beyond technical responses.

2025 Electronic Financial Infrastructure (OS Virtualization, Container Virtualization) Inspection Know-how Transfer and 2025 Second Half Revised Major Information and Communication Infrastructure (CA,HV) Inspection Know-how Transfer In particular, providing Risk assessment for core hypervisors (ESXi, Xenserver) with the latest versions Additionally providing Risk assessment for K8S(Kubernetes_master), Docker, etc. Finally, providing vulnerability analysis and assessment results that meet CSAP (Cloud Management System Certification) standards **Providing installation methods for ESXi, Kubernetes master, Docker, Xencenter

We will cover all the challenges in Nebula, a wargame that will help you develop your system hacking skills, from start to finish, including setting up a practice environment. You will also learn the computer science knowledge required for each challenge.

The basic steps to learn SQL injection attacks, the flower of web hacking! This is a lecture on basic SQL grammar!