An introductory course on web hacking for information security beginners and web developers! Start web hacking in a fun way with this course!
Web Hacking and Security
Secure coding
Web hacking lessons for web developers and information security beginners!
Respond accurately to any risk situation, anytime.
Knowing the attack will help you to see the defense! When you look at a web service from the attacker's perspective, you will see more vulnerabilities than when you look at a web service from the defender's perspective! Also, rather than simply knowing the countermeasure, you need to know the attack accurately to come up with the correct countermeasure for the situation!
Web services are being created, modified, and constantly adding features at this very moment. There are many cases where these features are created and web services are created without any knowledge of potential threats. In this situation , knowledge of web hacking is not optional but essential !
This is an introductory course on web hacking for web developers and information security beginners. Later, lectures will be opened on the famous vulnerable virtual environments , WebGoat / DVWA / bWAPP . Start your web hacking journey with this course!
(※ The vulnerable virtual environment of the course to be opened may change in the future.)
This is the main table of contents you will learn in this lecture.
There are a total of 9 web hacking attack items that you can learn through this lecture!
For each web hacking vulnerability item, you can learn more easily through detailed attack principle analysis, and you can identify the core of the attack, which is very important from both attack and defense perspectives.
We will conduct practical training that is easy to follow, and through a large amount of practical training, you will easily understand web hacking attacks, and through practical training that applies secure coding directly, you will practice defending yourself as well as attacking!
A vulnerable virtual environment website is provided for use during the training.
The unique features of Creative Education are the detailed principles of attacks, various attack practices, and secure coding practices. Many web hacking-related education programs end with attack practices, and only look at general countermeasures.
However! Creative's training will teach you everything from attacks to secure coding, and you will develop skills to respond to each environment!
Who is this course right for?
Information Security Beginner
Information Security Expert
Web developers who want to know about web hacking
Web developers who want to know about secure coding
Need to know before starting?
Web Basics
Web Programming
SQL Basic Grammar
25,881
Learners
1,361
Reviews
497
Answers
4.9
Rating
18
Courses
:: 국내 정보보안 솔루션 개발 기업 재직 ::
- 앱 위변조 방지 솔루션 : 미들웨어 담당 / 해킹 대회 운영진 / 국내 유명 해킹/방어 훈련장 제작
:: 국내 정보보안 전문 업체 재직 ::
- 블랙박스 모의해킹 / 시나리오 기반 모의해킹 / 웹 취약점 진단 / 모바일 취약점 진단 / 소스코드 취약점 진단 / APT 모의 훈련 / DDoS 모의훈련 / 인프라 진단 / 스마트 가전 진단
- 국내 대기업, 중소기업 다수 진단
:: 외부 교육 및 활동 ::
- 멀티캠퍼스, 국가 보안 기술 연구소(ETRI)
- 국내 정보보안 업체 : 재직자 대상 "웹 모의해킹 심화 교육" 진행중
- 해커팩토리 문제 제작
:: 취약점 발견 ::
1) Web Application Server 취약점
- TMAX JEUS : 원격 명령어 실행 취약점(Remote Command Execution Vulnerability)
- IBM WebSphere(CVE-2020-4163) : 원격 명령어 실행 취약점(Remote Command Execution Vulnerability)
2) CMS(Contents Management System) 취약점
- 네이버 스마트에디터 : 파일 업로드 취약점
- 그누보드 : SQL Injection , 파일 업로드 취약점(그누보드4, 그누보드5), XSS ...
- 킴스큐 : 파리미터 변조 취약점 , 파일 업로드 취약점
* 이메일 : crehacktive3@naver.com
* 블로그 : http://www.crehacktive.co.kr
All
109 lectures ∙ (16hr 32min)
Course Materials:
All
221 reviews
4.8
221 reviews
Reviews 1
∙
Average Rating 5.0
5
There was a lot of practical content during the lecture, so it was good to understand the attack principles and differences in each attack method that are difficult to understand through theory alone. I liked that the attack target, attack principles, and countermeasures (detailed code) for each vulnerability were systematically organized and explained well.
Reviews 1
∙
Average Rating 5.0
Reviews 5
∙
Average Rating 5.0
5
I had to learn about security knowledge during a sudden job change, so I completed the course in 4 days. I really didn't know anything about security, but I was able to learn about where vulnerabilities can occur in the overall structure of the web. When I looked for lectures on the Internet, most of them seemed to only give an overview at a high level, but since there were examples, I remembered them a little more and was able to understand what kind of impact vulnerabilities have. However, I wish the setup guide for Mac users was a little more detailed. Other than that, I'm really satisfied with the lecture content.
Reviews 24
∙
Average Rating 4.9
Reviews 2
∙
Average Rating 5.0
5
It is clear that you have prepared the lectures with sincerity. Not only did I easily understand the major web vulnerability attacks, but I was also disappointed that many lectures only dealt with attacks, but you also provided information on secure coding and defense perspectives, so it was a meaningful lecture in many ways.
Thank you so much for recognizing the effort you put into the lecture! Everyone is only focused on offense, but defense is also very important~! Thank you so much for leaving a great review!
$42.90
Check out other courses by the instructor!
Explore other courses in the same field!
![File Upload Vulnerability Advanced Attack Techniques PART2 [Integrated Edition]Course Thumbnail](https://cdn.inflearn.com/public/courses/333012/cover/12bd40e1-1e17-493a-81b9-64ac5fed558e/333012.png?f=avif&w=420)
