Certified Secure Coder- Java (CSC-Java)

This course teaches how to hack and secure Java. OWASP Top 10 (A1 to A10) for Java.
4.0 (58 ratings)
646 students enrolled
Last updated 1/2015
English
$10 $20 50% off
30-Day Money-Back Guarantee
Includes:
  • 4 hours on-demand video
  • Full lifetime access
  • Access on mobile and TV
  • Certificate of Completion
Description

This course teaches programmers how to exploit (hack) and defend against various attacks on Java. The course is designed around the OWASP Top 10, a common standard used in the design, architecture and testing of web applications.

The course contains video/audio lectures. It has theory on Java web programming (exploit, defense). It also has demos of exploitation and defense. It gives students practical insight into coding web applications in Java securely. We recommend that students study the course over a period of 15 days and attempt the quiz at the end of the period. We also recommend that students study the various resource material available on the internet in various forums, including the official OWASP website.

The course is structured according to the OWASP Top 10 from A1 to A10. In each of the OWASP Top 10 sessions we have categorized presentation, exploitation and defense. Any programmer who is programming in Java should take this course. Secure Java programmers are preferred by organisations across the globe.

Who is the target audience?
  • Programmers who code in Java
  • Design engineers and architects who design or architect Java-based programs
  • Security testers and Functional testers who test Java based programs
  • Java EE programmers
What Will I Learn?
Learn to Hack and Write Secure Java code
Learn the OWASP Top 10 Methodology A1 - A10
Apply the above OWASP Top 10 methodology to Java programming
Requirements
  • Basic programming in Java
  • A web-based programming language
Curriculum For This Course
73 Lectures 04:03:39
A1-Injection
10 Lectures 39:50

This lecture has an external link to set up the Java vulnerable labs

Introduction to SQL Injection
04:25

Login Bypass using SQL Injection -Demo
03:37

Union Exploitation Technique -Presentation
05:52

Union Exploitation Technique -Demo
04:05

Blind SQL Injection Presentation
05:11

Blind SQL Injection - Demo(Manual)
06:17

Blind SQL Injection - Demo(Automated)
02:17

SQL Injection Prevention
02:03

SQL Injection Prevention - Demo (Input Validation)
03:33

SQL Injection Prevention - Demo (Prepared Statement)
02:30
HTML Injection
2 Lectures 06:25
HTML Injection PPT
01:17

HTML Injection Demo
05:08
XML Injection
3 Lectures 07:50
XML Injection PPT
02:30

XML External Entity Injection Demo
03:54

XML External Entity Injection Prevention demo
01:26
XSLT Injection
3 Lectures 09:22
XSLT Injection PPT
01:15

XSLT Demo
04:14

XSLT Prevention
03:53
XPath Injection
3 Lectures 07:44
XPath Injection PPT
01:35

XPath Demo
04:49

XPath injection Prevention
01:20
ORM Injection
3 Lectures 04:46
ORM injection Presentation
00:57

ORM injection Demo
02:16

ORM Prevention
01:33
A2- Broken Authentication and Session Management
5 Lectures 20:30
Broken Authentication and Session Management - Presentation
07:28

Improper Restriction of Excessive Authentication Attempts - Demo
02:13

Captcha - Demo
05:07

Usage of Cookies without Validation & Integrity Checking in a Security Decision
01:32

Avoiding usage of cookie data for a security-related decision - Demo
04:10
A3- Cross Site Scripting (XSS)
9 Lectures 26:21
Introduction to XSS
02:28

Reflected XSS - Presentation
03:17

Reflected XSS - Demo
02:25

Stored XSS - Presentation
05:37

Stored XSS - Demo
02:49

XSS Prevention - Presentation
02:41

XSS Prevention - Demo(JSTL Tag)
01:41

XSS Prevention - Demo (ESAPI)
02:19

XSS Prevention - Demo(HTTP-Only Flag)
03:04
A4- Insecure Direct Object References
6 Lectures 18:49
Insecure Direct Object References - Presentation
03:39

Reading Sensitive data of other users - Demo
01:44

Modifying Data of other users - Demo
02:17

Reading Arbitrary files - Demo
02:19

Insecure Direct Object References Prevention - Presentation
02:02

Insecure Direct Object References Prevention - Demo
06:48
A5- Security Misconfiguration
4 Lectures 10:06
Security Misconfiguration - Presentation
02:42

Default Login Credentials - Demo
01:53

Default Error Page - Demo
02:37

Prevention Demo - Error Handling
02:54
5 More Sections
About the Instructor
4.0 Average rating
1,011 Reviews
17,275 Students
10 Courses

Cyber Security and Privacy Foundation Pte Ltd. is a consulting, services and training company based in Singapore. We do vulnerability assessment, penetration testing, web application security testing, mobile application security testing and cyber security training. We do zero-day security assessment, APT analysis and technical security certifications for organisations.

Cyber Security & Privacy Foundation, India was set up with the objective of doing non-commercial work. It has around 14000+ members and almost 9000+ students, and CISOs of major companies on its board. We are involved in active research in the field of cyber security, web portal security management and product research which is useful for all computer users.

J Prasanna: 20+ years of full-time experience in the field of computer security. He has worked for antivirus companies and run his own consulting companies. He has worked on standards implementation, consulting and testing, and has handled teams of security experts, coders and networking experts. Can provide value to any organization by thinking out of the box and implementing ideas from the conceptual stage. Great networking ability; has handled media relating to cyber security issues on many occasions and is good at training (both technical and non-technical subjects). Taking ownership, delivering results, crisis management and cross-functional skills are key strengths.

Specialties: Managing technical teams, handling delivery and taking ownership of the team. Virus analysis, antivirus and security products testing, application security design and review, secure enterprise architecture and design, ISO 27001 standards implementation, training. Presented at various CII conferences on cyber security and the Defense IT Consultative Committee (DITCC). He has received numerous commendations from the Indian Army. He has done guest lecturing for various law enforcement and military academies in India.

