SDT 317 - Testing for Improper Control of Generation of Code


Course Overview

When user input can influence dynamically generated code to influence program flow or execute arbitrary code the attack is often referred to as code injection. This course introduces ways to identify and mitigate this security weakness, referenced as CWE-94 by the CWE Top 25.

Topics include:

  • Recognizing the impact of this vulnerability
  • Understanding various forms of this attack and their similarities
  • Techniques for finding Hard-Coded credentials in source code
  • Application of mitigation techniques for limiting the impact
  • Leveraging various tools used to test for code injection vulnerabilities

Looking To Learn More?

Request more information on our courses and labs.

Course Details

Course Number: SDT 317

Course Duration: 10 minutes

Course CPE Credits: 0.25

NICE Specialty Areas

Foreign Languages Available:

  • English