SDT 317 - Testing for Improper Control of Generation of Code (NEW)


Course Details

Course Number: SDT 317

Course Duration: 10 minutes

Course CPE Credits: 0.25

Related Subject Matter

Foreign Languages Available:

  • English

Course Overview

When user input can influence dynamically generated code to influence program flow or execute arbitrary code the attack is often referred to as code injection. This course introduces ways to identify and mitigate this security weakness, referenced as CWE-94 by the 2020 CWE Top 25.

Topics include:

  • Recognizing the impact of this vulnerability
  • Understanding various forms of this attack and their similarities
  • Techniques for finding Hard-Coded credentials in source code
  • Application of mitigation techniques for limiting the impact
  • Leveraging various tools used to test for code injection vulnerabilities
Ready to Demo this course? Questions? Contact Us!