Riding the Magical Code Injection Rainbow
Offered By: LASCON via YouTube
Course Description
Overview
Explore advanced exploitation techniques in this 43-minute LASCON conference talk from 2013. Delve into the Magical Code Injection Rainbow (MCIR) framework for building configurable vulnerable applications. Learn about SQLol for SQL injection and XMLmao for XML and XPath injection. Discover advanced techniques in SQL injection, XPath injection, cross-site scripting, and shell command injection. Examine the exploitation of insecure cryptosystems and gain insights on creating your own configurable vulnerable application using the MCIR framework. Cover topics such as testbeds, Anti XSS, XMLMAO, cryptography, web security, key reuse, encryption, and shell injection.
Syllabus
Introduction
What is the Magical Code Injection Rainbow
What are vulnerable applications
Limitations of vulnerable applications
Testbeds
Anti XSS
XMLMAO
Crypt OMG
Web Site
Reusing Keys
Encryption
Shell Injection
Taught by
LASCON
Related Courses
Hacking and PatchingUniversity of Colorado System via Coursera Software Design Threats and Mitigations
University of Colorado System via Coursera Introduction to Cybersecurity for Teachers
Raspberry Pi Foundation via FutureLearn Identifying Security Vulnerabilities
University of California, Davis via Coursera Web Application Security Testing with Burp Suite
Coursera Project Network via Coursera