Specialized Testing: Command Injection
Poor web application security hygiene can lead to total network compromise. This course will teach you to identify the vectors and techniques threat actors use to gain access to networks and systems using command injection.
What you'll learn
According to the globally recognized Open Web Application Security Project (OWASP), command injection is among the top three critical web application vulnerabilities that allow attackers to gain control over systems where they can attack infrastructure, steal information, and many other malicious actions. In this course, Specialized Testing: Command Injection, you’ll learn to identify, test, and mitigate vectors and techniques threat actors use to perform command injection. First, you’ll explore the mechanics of command injection. Next, you’ll discover how to find and test vulnerable web application entry points for command injection. Finally, you’ll learn how to deploy mitigation strategies. When you’re finished with this course, you’ll have the skills and knowledge of testing for command injection needed to audit web applications.
Table of contents
About the author
Michael is a Senior Security Consultant with 10+ years of experience in the public and private sectors. He is a proactive and iterative cyber threat hunter specializing in detection engineering, DFIR, and automation. Michael has led teams and directed collaborative efforts to develop and implement strategies for mitigating evolving threat trends. He is the Founder and Principal Consultant of Sawbox Consulting, where he identifies and resolves security issues, implements solutions and evaluates s... more