Certified Secure Coder- PHP (CSC- PHP)

This course teaches how to hack and secure PHP, covering the OWASP Top 10 (A1 to A10) for PHP.
4.5 (24 ratings)
800 students enrolled
  • Lectures 66
  • Length 4 hours
  • Skill Level Intermediate Level
  • Languages English
  • Includes Lifetime access
    30 day money back guarantee!
    Available on iOS and Android
    Certificate of Completion

About This Course

Published 11/2014 English

Course Description

This course teaches programmers how to exploit (hack) and defend against various attacks on PHP applications. The course is designed around the OWASP Top 10, a common standard used in the design, architecture, and testing of web applications.

The course contains video/audio lectures. It covers the theory of PHP programming (exploitation and defense) and includes demos of both exploitation and defense. It gives students practical insight into coding web applications in PHP securely.

We recommend that students study the course over a period of 15 days and attempt the quiz at the end of that period. We also recommend that students study the resource material available on the internet in various forums, including the official OWASP website.

The course is structured according to the OWASP Top 10, from A1 to A10. Each OWASP Top 10 session is divided into presentation, exploitation, and defense.

Any programmer who works in PHP should take this course. Secure PHP programmers are preferred by organisations across the globe.

What are the requirements?

  • basic programming in PHP
  • web based programming language

What am I going to get from this course?

  • Learn to Hack and Write Secure PHP code
  • Learn the OWASP Top10 Methodology A1 - A10
  • Apply the above OWASP Top10 methodology on PHP programming

What is the target audience?

  • Programmers who code in PHP
  • Design engineers and architects who design or architect PHP-based programs
  • Security testers and Functional testers who test PHP based programs


Curriculum

Section 1: Injection(A1) - OWASP Top10
Injection - OWASP Top10 (A1) - Presentation
02:43
Blind SQL Injection Presentation
09:06
SQLI
10:30
Time based SQLI
05:13
Union Exploitation Technique
09:03
SQL Injection Union - Demo - Exploitation
12:40
Preventing SQLI
02:44
SQL Injection Login Bypass - Demo
04:44
SQL Injection - Demo - Defense
07:51
Section 2: Injection(A1) - Command Injection
Command Injection Presentation
03:26
Command Injection - Demo
02:32
Command Injection Prevention - Demo
01:34
Section 3: Injection(A1) - XML & XPath Injection
XML & XPath Injection Presentation
08:07
XPath Injection - Demo
03:18
XPath Injection Prevention - Demo
02:12
Section 4: Injection(A1) - PHP Code Injection
PHP Code Injection Presentation
03:34
PHP Code Injection Demo
02:32
PHP Code Injection Prevention
01:05
Section 5: Injection(A1) - PHP Object Injection
PHP Object Injection Presentation
02:14
PHP Object Injection Demo 1
05:18
PHP Object Injection Demo 2
03:00
PHP Object Injection Prevention
01:19
Section 6: Injection(A1) - SSI Injection
SSI Injection Presentation
02:43
SSI Injection Demo
04:15
SSI Injection Prevention
01:15
Section 7: Injection(A1) - LDAP Injection
LDAP Injection Presentation
03:47
Section 8: Injection(A1) - HTML Injection
HTML Injection Presentation
03:01
HTML Injection Demo
03:32
Section 9: Broken Authentication and Session Management(A2) - OWASP Top10
Broken Authentication and Session Management - OWASP Top10(A2) - Presentation
05:28
Broken Authentication and Session Management - Demo - Exploit
00:44
Defense Demo
01:50
Section 10: Cross-Site Scripting (XSS) - A3 - OWASP Top10
Cross Site Scripting(XSS) - Introduction
02:46
Cross Site Scripting - Reflected
03:32
Cross Site Scripting - Demo - Reflected - Get
02:57
Cross Site Scripting(XSS) - Demo - Reflected - Post
01:25
Cross Site Scripting(XSS) Stored - Presentation
05:58
Cross Site Scripting(XSS) - Demo - Stored
01:32
Section 11: Cross Site Scripting - A3 - Defense
Cross-Site Scripting (XSS) - OWASP Top10 - Presentation - Defence
03:22
Cross-Site Scripting (XSS) - Filters
01:21
Cross Site Scripting(XSS) - HTTP Flag
01:50
Cross Site Scripting - Demo - Modsecurity
00:57
Section 12: Insecure Direct Object References - A4 - OWASP Top10
Insecure Direct Object Reference - OWASP Top10 - A4 - Presentation
06:47
Insecure Direct Object Reference -DEMO- Exploitation
02:19
Insecure Direct Object Reference - Demo - Defense
01:11
Section 13: Security Misconfiguration - A5 - OWASP Top10
Security Misconfiguration - OWASP Top10 - A5 - Presentation
07:39
Security Misconfiguration - Demo - Exploit
01:25
Security Misconfiguration - Demo - Defense
01:56
Section 14: Sensitive Data Exposure - A6 - OWASP Top10
Sensitive Data Exposure - OWASP Top10 - A6 - Presentation
05:06
Sensitive Data Exposure - A6 - Demo - Exploit
01:06
Sensitive Data Exposure - A6 - Demo - Defense
01:12
Section 15: Missing Function Level Access Control - A7 - OWASP Top10
Missing Function Level Access Control - OWASP Top10 - A7 - Presentation
05:22
Missing Function Level Access Control - Demo - Exploitation(1)
01:11
Missing Function Level Access Control - Demo - Exploitation(2)
02:48
Missing Function Level Access Control - Demo - Defence
01:25
Section 16: Cross-Site Request Forgery (CSRF) - A8 - OWASP Top10
Cross-Site Request Forgery (CSRF) - OWASP Top10 - A8 - Presentation
10:25
Cross-Site Request Forgery (CSRF) - OWASP Top10 - A8 - Defense Presentation
04:31
CSRF - Demo - Get Exploit
04:12
CSRF - Demo - Get Defence
02:03
CSRF - Demo - Post Exploit
04:28
CSRF - Demo - Post Defence
03:56
Section 17: Using Components with Known Vulnerabilities - A9 - OWASP Top10
Using Components with Known Vulnerabilities - OWASP top10 - A9 - Presentation
04:18
Using components with Known Vulnerabilities - A9 - Demo
02:59
Section 18: Unvalidated Redirects and Forwards - A10 - OWASP Top10
Unvalidated Redirects and Forwards - OWASP Top10 - A10 - Presentation
07:33
Unvalidated Redirects and Forwards - OWASP Top10 - A10 - Presentation Defense
01:48
Unvalidated Redirects and Forwards - Demo - Exploit
01:47
Unvalidated Redirects and Forwards - Demo - Defense
02:47
Section 19: Certification
10 questions

This is the Hacking & Securing PHP (OWASP Top10 A1 - A10)

Instructor Biography

Cyber Security and Privacy Foundation Pte Ltd. is a consulting, services and training company based in Singapore. We do vulnerability assessment, penetration testing, web application security testing, mobile application security testing and cyber security training. We also do zero-day security assessment, APT analysis and technical security certifications for organisations.

Cyber Security & Privacy Foundation, India was set up with the objective of doing non-commercial work. It has around 14000+ members and almost 9000+ students, with CISOs of major companies on its board. We are involved in active research in the field of cyber security, web portal security management, and product research that is useful for all computer users.

J Prasanna: 20+ years of full-time experience in the field of computer security. He has worked for antivirus companies and run his own consulting companies. He has worked on standards implementation, consulting and testing, and has handled teams of security experts, coders and networking experts. He can provide value to any organization by thinking out of the box and implementing ideas from the conceptual stage. He has great networking ability, has handled media relating to cyber security issues on many occasions, and is good at training (both technical and non-technical subjects). Taking ownership, delivering results, crisis management and cross-functional skills are key strengths.

Specialties: Managing technical teams, handling delivery and taking ownership of the team. Virus analysis, antivirus and security products testing, application security design and review, secure enterprise architecture and design, ISO 27001 standards implementation, training. He has presented at various CII conferences on cyber security and at the Defense IT Consultative Committee (DITCC). He has received numerous commendations from the Indian Army. He has given guest lectures at various law enforcement and military academies in India.
