Close
Training
CMD+CTRL Base Camp
Courses
Overview
Features
Learning Paths
Course Catalog
Customer Success
Try it
Labs
Cyber Range
Overview
Features
Reporting
Suite
Modes
Customer Success
Get Started
✓ Take the AppSec Challenge
Services
Overview
Software Penetration Testing
Pen testing Overview
IoT Pen Testing
Mobile Pen Testing
Cloud & Web Penetration Testing
Blockchain Pen Testing
Our Difference
Application Security Consulting
Secure SDLC (SSDLC) Consulting
Application Security Code Review
Architecture & Design Review
Medical Device Threat Modeling
Infrastructure Security Consulting
Attack Simulation
Cloud Security Configuration
Security Tabletop Consulting
Solutions
Cloud & Web
Mobile
IoT & Embedded
Blockchain
Resources
Guides & Case Studies
Webinars
Blog
About
Company Overview
Ed TALKS
Partners
Community
Clients
Leadership
Careers
News
Contact
Let’s Talk
Training
CMD+CTRL Base Camp
Courses
Overview
Features
Learning Paths
Course Catalog
Customer Success
Try it
Labs
Cyber Range
Overview
Features
Reporting
Suite
Modes
Customer Success
Get Started
✓ Take the AppSec Challenge
Services
Overview
Software Penetration Testing
Pen testing Overview
IoT Pen Testing
Mobile Pen Testing
Cloud & Web Penetration Testing
Blockchain Pen Testing
Our Difference
Application Security Consulting
Secure SDLC (SSDLC) Consulting
Application Security Code Review
Architecture & Design Review
Medical Device Threat Modeling
Infrastructure Security Consulting
Attack Simulation
Cloud Security Configuration
Security Tabletop Consulting
Solutions
Cloud & Web
Mobile
IoT & Embedded
Blockchain
Resources
Guides & Case Studies
Webinars
Blog
About
Company Overview
Ed TALKS
Partners
Community
Clients
Leadership
Careers
News
Contact
Let’s Talk
Course Catalog
/
Subject
/
Web
Web
The Courses
View All Courses
Download Course Catalog
LAB 253 Defending Against Weak PRNG (Python) (COMING SOON)
10 Minutes
Advanced
LAB 247 Defending Against Weak PRNG (Node.js) (COMING SOON)
10 Minutes
Advanced
LAB 229 Defending Against Weak PRNG (Java) (COMING SOON)
10 Minutes
Advanced
LAB 239 Defending Against Weak PRNG (C#) (COMING SOON)
10 Minutes
Advanced
LAB 252 Defending Against Weak AES ECB Mode Encryption (Python) (COMING SOON)
10 Minutes
Advanced
LAB 246 Defending Against Weak AES ECB Mode Encryption (Node.js) (COMING SOON)
10 Minutes
Advanced
LAB 228 Defending Against Weak AES ECB Mode Encryption (Java) (COMING SOON)
10 Minutes
Advanced
LAB 238 Defending Against Weak AES ECB Mode Encryption (C#) (COMING SOON)
10 Minutes
Advanced
LAB 249 Defending Against Plaintext Password Storage (Python) (COMING SOON)
10 Minutes
Advanced
LAB 245 Defending Against Plaintext Password Storage (Node.js) (COMING SOON)
10 Minutes
Advanced
LAB 235 Defending Against Plaintext Password Storage (Java) (COMING SOON)
10 Minutes
Advanced
LAB 251 Defending Against Plaintext Password Storage (C#) (COMING SOON)
10 Minutes
Advanced
LAB 254 Defending Against Parameter Tampering (Python) (COMING SOON)
10 Minutes
Advanced
LAB 248 Defending Against Parameter Tampering (Node.js) (COMING SOON)
10 Minutes
Advanced
LAB 234 Defending Against Parameter Tampering (Java) (COMING SOON)
10 Minutes
Advanced
LAB 250 Defending Against Parameter Tampering (C#) (COMING SOON)
10 Minutes
Advanced
LAB 126 Identifying Information Leakage (COMING SOON)
5 Minutes
Core
LAB 125 Identifying Buffer Overflow (COMING SOON)
5 Minutes
Core
LAB 124 Identifying Horizontal Privilege Escalation (COMING SOON)
5 Minutes
Core
LAB 111 Identifying Server-Side Request Forgery (COMING SOON)
5 Minutes
Core
API 211 Mitigating APIs Broken Object Level Authorization (COMING SOON)
15 Minutes
Advanced
API 210 Mitigating APIs Lack of Resources & Rate Limiting (COMING SOON)
15 Minutes
Advanced
LAB 324 ATT&CK: Exploiting Java Web Application Server Misconfiguration (NEW)
12 Minutes
Elite
LAB 323 ATT&CK: Exploiting Vulnerable Java Web Application Server Software (NEW)
12 Minutes
Elite
LAB 315 ATT&CK: Updating Vulnerable Java Web Application Server Software (NEW)
12 Minutes
Elite
LAB 244 Defending Java Against Security Misconfiguration (NEW)
12 Minutes
Advanced
LAB 243 Defending Python Against eXternal XML Entity (XXE) Vulnerabilities (NEW)
10 Minutes
Advanced
LAB 242 Defending Node.js Against eXternal XML Entity (XXE) Vulnerabilities (NEW)
10 Minutes
Advanced
LAB 241 Defending C# Against eXternal XML Entity (XXE) Vulnerabilities (NEW)
10 Minutes
Advanced
LAB 240 Defending Java Against eXternal XML Entity (XXE) Vulnerabilities (NEW)
10 Minutes
Advanced
LAB 223 Defending Node.js Against SQL Injection (NEW)
10 Minutes
Advanced
LAB 222 Defending Python Against SQL Injection (NEW)
10 Minutes
Advanced
LAB 221 Defending C# Against SQL Injection (NEW)
10 Minutes
Advanced
LAB 121 Identifying Vulnerable and Outdate Components (NEW)
5 Minutes
Advanced
LAB 113 Identifying Cryptographic Failures (NEW)
5 Minutes
Advanced
SDT 310 Testing for Security Logging and Monitoring Failures (NEW)
10 Minutes
Elite
SDT 309 Testing for Vulnerable and Outdated Components (NEW)
10 Minutes
Elite
SDT 308 Testing for Software and Data Integrity Failures (NEW)
10 Minutes
Elite
SDT 307 Testing for Server-Side Request Forgery (SSRF) (NEW)
10 Minutes
Elite
SDT 306 Testing for Security Misconfiguration (NEW)
10 Minutes
Elite
SDT 305 Testing for Broken Access Control (NEW)
10 Minutes
Elite
SDT 304 Testing for Insecure Design (NEW)
10 Minutes
Elite
SDT 303 Testing for Cryptographic Failures (NEW)
10 Minutes
Elite
SDT 302 Testing for Identification and Authentication Failures (NEW)
10 Minutes
Elite
SDT 301 Testing for Injection (NEW)
10 Minutes
Elite
DES 241 Mitigating OWASP 2021 Security Logging and Monitoring Failures (NEW)
12 Minutes
Advanced
DES 240 Mitigating OWASP 2021 Vulnerable and Outdated Components (NEW)
12 Minutes
Advanced
DES 239 Mitigating OWASP 2021 Software and Data Integrity Failures (NEW)
12 Minutes
Advanced
DES 238 Mitigating OWASP 2021 Server-Side Request Forgery (SSRF) (NEW)
12 Minutes
Advanced
DES 237 Mitigating OWASP 2021 Security Misconfiguration (NEW)
12 Minutes
Advanced
DES 236 Mitigating OWASP 2021 Broken Access Control (NEW)
12 Minutes
Advanced
DES 235 Mitigating OWASP 2021 Insecure Design (NEW)
12 Minutes
Advanced
DES 234 – Mitigating OWASP 2021 Cryptographic Failures (NEW)
12 Minutes
Advanced
DES 233 – Mitigating OWASP 2021 Identification and Authentication Failures (NEW)
12 Minutes
Advanced
DES 232 – Mitigating OWASP 2021 Injection (NEW)
12 Minutes
Advanced
LAB 330 ATT&CK: Exploiting Java SQL Injection to Extract Password Hashes (NEW)
15 Minutes
Elite
LAB 322 ATT&CK: Exploiting Windows File Sharing Server with External Remote Services (NEW)
20 Minutes
Elite
LAB 321 ATT&CK: Password Cracking (NEW)
5 Minutes
Elite
LAB 237 Defending Java from SQL Injection (NEW)
20 Minutes
Advanced
LAB 233 Defending Node.js Against XSS (NEW)
15 Minutes
Advanced
LAB 232 Defending C# Against XSS (NEW)
15 Minutes
Advanced
LAB 231 Defending Python Against XSS (NEW)
15 Minutes
Advanced
LAB 230 Defending Java Against XSS (NEW)
15 Minutes
Advanced
LAB 220 Defending Against Hard-Coded Secrets (NEW)
5 Minutes
Advanced
LAB 120 Identifying XML Injection (NEW)
5 Minutes
Core
LAB 119 Identifying Persistent XSS (NEW)
5 Minutes
Advanced
LAB 118 Identifying Weak File Upload Validation (NEW)
5 Minutes
Advanced
LAB 117 Identifying Hidden Form Field (NEW)
5 Minutes
Advanced
LAB 116 Identifying Forceful Browsing (NEW)
5 Minutes
Advanced
LAB 115 Identifying Reflective XSS (NEW)
5 Minutes
Advanced
LAB 114 Identifying Cookie Tampering (NEW)
5 Minutes
Advanced
LAB 110 – Identifying Sensitive Data Exposure Vulnerability Identification
7 Minutes
Advanced
LAB 109 – Identifying Security Misconfiguration Vulnerabilities
5 Minutes
Advanced
LAB 108 – Identifying Reverse Engineering Vulnerabilities
8 Minutes
Advanced
LAB 107 – Identifying Injection Vulnerabilities
7 Minutes
Advanced
LAB 106 – Identifying Cross-Site Scripting Vulnerabilities
7 Minutes
Advanced
LAB 105 – Identifying Credential Dumping: Vulnerability Identification
7 Minutes
Advanced
LAB 104 – Identifying Business Logic Flaw Vulnerabilities
7 Minutes
Advanced
LAB 103 – Identifying Broken User Authentication Vulnerabilities
7 Minutes
Advanced
LAB 102 – Identifying Broken Object-Level Authorization Vulnerabilities
5 Minutes
Advanced
LAB 101 – Identifying Broken Access Control Vulnerabilities
5 Minutes
Advanced
DES 208 – Defending Against the CSA Top 11 Threats to Cloud Computing
15 Minutes
Advanced
DES 207 – Mitigating OWASP API Security Top 10
15 Minutes
Advanced
COD 386 – Preventing Integer Overflows in Java Code
8 Minutes
Elite
COD 385 – Preventing Race Conditions in Java Code
8 Minutes
Elite
COD 384 – Protecting Java from Information Disclosure
8 Minutes
Elite
COD 324 – Protecting C# from XML Injection
8 Minutes
Elite
COD 287 – Java Application Server Hardening
20 Minutes
Advanced
TST 206 – ASVS Requirements for Developers
20 Minutes
Advanced
ENG 354 – Authorizing and Monitoring System Controls within the RMF
20 Minutes
Elite
ENG 353 – Selecting, Implementing and Assessing Controls within the RMF
20 Minutes
Elite
DSO 254 – DevSecOps in the Azure Cloud
20 Minutes
Advanced
DSO 253 – DevSecOps in the AWS Cloud
20 Minutes
Advanced
DSO 205 – Securing the COTS Supply Chain
15 Minutes
Advanced
DES 306 – Creating a Secure Blockchain Network
20 Minutes
Elite
DES 305 – Protecting Existing Blockchain Assets
20 Minutes
Elite
DES 210 – Hardening Linux/Unix Systems
30 Minutes
Advanced
TST 356 – Penetration Testing for Cross-Site Scripting (XSS)
12 Minutes
Elite
TST 355 – Penetration Testing for Authorization Vulnerabilities
12 Minutes
Elite
TST 353 – Penetration Testing for SQL Injection
12 Minutes
Elite
TST 352 – Penetration Testing for Injection Vulnerabilities
12 Minutes
Elite
TST 351 – Penetration Testing for TLS Vulnerabilities
12 Minutes
Elite
TST 202 – Penetration Testing Fundamentals
25 Minutes
Advanced
COD 258 – Creating Secure PHP Web Applications
30 Minutes
Advanced
COD 251 – Defending AJAX-Enabled Web Applications
25 Minutes
Advanced
COD 309 – Securing ASP.NET MVC Applications
30 Minutes
Elite
COD 308 – Common ASP.NET MVC Vulnerabilities and Attacks
45 Minutes
Elite
ENG 150 – Meeting Confidentiality, Integrity, and Availability
30 Minutes
Core
COD 284 – Secure Java Coding
30 Minutes
Advanced
COD 249 – PCI DSS 11: Regularly Test Security Systems and Processes
15 Minutes
Advanced
COD 248 – PCI DSS 6: Develop and Maintain Secure Systems and Applications
15 Minutes
Advanced
COD 247 – PCI DSS 4: Encrypting Transmission of Cardholder Data
15 Minutes
Advanced
COD 246 – PCI DSS 3: Protecting Stored Cardholder Data
15 Minutes
Advanced
SDT 314 – Testing for Unrestricted Upload of File with Dangerous Type
15 Minutes
Elite
COD 379 – Testing for OWASP 2017: Insufficient Logging & Monitoring
10 Minutes
Elite
COD 378 – Testing for OWASP 2017: Use of Components with Known Vulnerabilities
10 Minutes
Elite
COD 377 – Testing for OWASP 2017: Insecure Deserialization
10 Minutes
Elite
COD 376 – Testing for OWASP 2017: Cross Site Scripting (XSS)
15 Minutes
Elite
COD 375 – Testing for OWASP 2017: Security Misconfiguration
10 Minutes
Elite
COD 374 – Testing for OWASP 2017: Broken Access Control
10 Minutes
Elite
COD 373 – Testing for OWASP 2017: XML External Entities
10 Minutes
Elite
COD 372 – Testing for OWASP 2017: Sensitive Data Exposure
12 Minutes
Elite
COD 371 – Testing for OWASP 2017: Broken Authentication
12 Minutes
Elite
COD 370- Testing for OWASP 2017: Injection
15 Minutes
Elite
ENG 195 – Implementing the Microsoft SDL Threat Modeling Tool
20 Minutes
Core
ENG 194 – Implementing Microsoft SDL Line of Business
20 Minutes
Core
ENG 193 – Implementing the Microsoft SDL Optimization Model
12 Minutes
Core
ENG 192- Implementing the Agile Microsoft SDL
20 Minutes
Core
ENG 191 – Introduction to the Microsoft SDL
25 Minutes
Core
DES 231 – Applying OWASP 2017: Mitigating Insufficient Logging & Monitoring Vulnerabilities
12 Minutes
Advanced
DES 230 – Applying OWASP 2017: Mitigating Use of Components with Known Vulnerabilities
12 Minutes
Advanced
DES 229 – Applying OWASP 2017: Mitigating Insecure Deserialization
12 Minutes
Advanced
DES 228 – Applying OWASP 2017: Mitigating Cross Site Scripting (XSS)
12 Minutes
Advanced
DES 227 – Applying OWASP 2017: Mitigating Security Misconfiguration
12 Minutes
Advanced
DES 226 – Applying OWASP 2017: Mitigating Broken Access Control
12 Minutes
Advanced
DES 225 – Applying OWASP 2017: Mitigating XML External Entities
12 Minutes
Advanced
DES 224 – Applying OWASP 2017: Mitigating Sensitive Data Exposure
12 Minutes
Advanced
DES 223 – Applying OWASP 2017: Mitigating Broken Authentication
12 Minutes
Advanced
DES 222 – Applying OWASP 2017: Mitigating Injection
12 Minutes
Advanced
COD 382 – Protecting Data in Java
30 Minutes
Elite
COD 381 – Preventing Path Traversal Attacks in Java
8 Minutes
Elite
COD 380 – Preventing SQL Injection in Java
8 Minutes
Elite
COD 364 – Securing HTML5 Connectivity
20 Minutes
Elite
COD 363- Securing HTML5 Data
20 Minutes
Elite
COD 362 – HTML5 Built in Security Features
20 Minutes
Elite
COD 361 – HTML5 Secure Threats
15 Minutes
Elite
COD 322 – Protecting C# from SQL Injection
8 Minutes
Elite
COD 283 – Java Cryptography
45 Minutes
Advanced
COD 281 – Java Security Model
20 Minutes
Advanced
COD 257 – Creating Secure Python Web Applications
45 Minutes
Advanced
COD 256 – Creating Secure Code: Ruby on Rails Foundations
45 Minutes
Advanced
COD 255 – Creating Secure Code: Web API Foundations
20 Minutes
Advanced
COD 217 – Mitigating .NET Security Threats
45 Minutes
Advanced
COD 216 – Leveraging .NET Framework Code Access Security (CAS)
30 Minutes
Advanced
COD 202 – Secure C Runtime Protection
15 Minutes
Advanced