FavouritesAdd to Wish List
FavouritesAdd to Wish List
Trusted teacher
FavouritesAdd to Wish List
from58.00GBP/ h

Lesson 04: Command Injection & Brute Force Attack (Lesson 04 of Web Penetration Testing Series)

This lesson is the fourth lesson of the Web Penetration Testing series. This lesson consist of the following topics:

- Command Injection
- Code Injection
- Blind Xpath Injection
- Brute Force
- Risk Factors and Examples
- Frequency Analysis

This lesson is followed by a two hours lab practical session.

Extra information

A laptop/pc is required within Oracle Virtual Box and Kali Linux pre-installed. Good memory speed and internet connection is highly recommended.

Location

At teacher's location: Almada Street, Hamilton, Scotland, UK
At student's location: Around Glasgow, United Kingdom
Online via webcam

|
Use ⊞+wheel to zoom!
+

General info

Skills:

Age:

Teenagers (13-17 years old)
Adults (18-64 years old)
Seniors (65+ years old)

Student level:

Beginner
Intermediate

Duration:

60 minutes
90 minutes
120 minutes

The class is taught in:

English

About Me

I am working as a Lecturer (Assistant Professor) in Cyber Security, in one of a renowned university here in Scotland, the UK. I am associated with the Higher Education Academy (HEA) UK as a full Fellow. Additionally, I am associated with Kingston University London as an External Examiner for their undergraduate courses in Cybersecurity, Digital Forensics, Computer Sciences, and Multimedia Technology. I am also associated with the University of London as a Course Mentor/Tutor for their distance learning/online undergraduate courses in Computer Sciences. I am specialized in Digital Authentication and Security, Command and Control Systems (C2/C3/C4i) Security, and Cloud Computing Hybrid Authentication. I am also the Founder and CEO of Security Essential Scientific Research and Training group (SESRT) in Sydney, Australia. I have earned my PhD in Computer Science with specialization in Cyber Security from University Technology Malaysia (UTM). I am an active member of IEEE, an Academic Initiative member for IBM (UK), Authorized Profile Administrator (APA) for IBM Partner-World (UK), member of American Association of Science and Technology (AASCIT) US, and a member of International Association of Science and Technology for Development (IASTED) Canada. I have collaborations with Cyber Security Group in Coventry University (UK), Pervasive Computing Group in University Technology Malaysia, Artificial Intelligence Center for Advanced System (CAS) and Center of Excellence in Information Assurance (CoEIA) in King Saud University, Saudi Arabia. I am currently supervising Postgraduate (PhD/M.Sc.) students and Undergraduate study project students as their primary supervisor here in UWS. I am also serving as an Editor and Reviewer to many ISI/SCI-E highly ranked Journals and Flagship Conferences.

Education

Postgraduate Certificate in Academic Practice from the University of the West of Scotland (UK), PhD (Computer Sciences) from University Technology Malaysia (Malaysia), and an M.Sc. and Bachelors in Computer Sciences.

Experience / Qualifications

With a PhD in Computer Sciences and more than 16 years of teaching and research experience in Computer Sciences, Software Engineering and Cyber Security, I am a Postgraduate Certified in Academic Practice (UK) and a Full Fellow of Higher Education Academy (UK).
This lesson is the last lesson of the Web Application Penetration Testing Series. The lesson cover the following topics: - Cross-Site Scripting (XSS) - XSS Reflected Attacks - XSS Stored Attacks - Other XSS Vulnerabilities - Protection against XSS Attacks This lesson is followed by two hours of the practical session.
This lesson is the first lesson of the Web Application Penetration Testing series. This lesson is going to provide a complete overview of the series and all the topics covered in this series. Following are the topics which will be covered in this series: - Lesson 02: Web Application Security Architecture - Lesson 03: Web Security Threat Analysis - Lesson 04: Brute Force and Command Injection - Lesson 05: Cryptography and File Inclusion - Lesson 06: SQL Injection My Profile ::: I am working as a Lecturer (Assistant Professor) in Computing and Cybersecurity, with a renowned university in the UK. I am associated as a Full Fellow with the Higher Education Academy (HEA), the UK. Additionally, I am associated with Kingston University London as an External Examiner for their undergraduate courses in Cybersecurity, Digital Forensics, Computer Sciences, and Multimedia Technology. I am also associated with the University of London as a Course Mentor/Tutor for their distance learning/online undergraduate courses in Computer Sciences. I am specialized in Digital Authentication and Security, Command and Control Systems (C2/C3/C4i) Security, and Cloud Computing Hybrid Authentication. I am also the Founder and CEO of Security Essential Scientific Research and Training group (SESRT) in Sydney, Australia. I have earned my PhD in Computer Science with specialization in Cyber Security. I am an active member of IEEE, an Academic Initiative member for IBM (UK), Authorized Profile Administrator (APA) for IBM Partner-World (UK), member of American Association of Science and Technology (AASCIT) US, and a member of International Association of Science and Technology for Development (IASTED) Canada. I have collaborations with Cyber Security Group in Coventry University (UK), Pervasive Computing Group in University Technology Malaysia, Artificial Intelligence Center for Advanced System (CAS) and Center of Excellence in Information Assurance (CoEIA) in King Saud University, Saudi Arabia. I am currently supervising Postgraduate (PhD/M.Sc.) students and Undergraduate study project students as their primary supervisor here in UWS. I am also serving as an Editor and Reviewer to many ISI/SCI-E highly ranked Journals and Flagship Conferences.
This lesson is lesson 02 of the Web Penetration Testing series. It covers the following topics: - Web Application Security Architecture Overview - Web Application Security Architecture Working - Web Application Security Architecture Components - Web Server Architecture - Layered Approach - Service-Oriented Architecture - Cloud Computing - Fog/Edge Computing This lesson is followed by two hours of the practical lab session.
This lesson is the sixth lesson of the Web Application Penetration Testing series. This lesson is going to cover the following topics: - File Inclusion - Types of Inclusion - Inclusion in Web Development Languages - File Upload - Unrestricted File Upload - Risk Factors - Protection and Bypassing Methods - Prevention Methods - SQL Injection This lesson will be followed by 02 hours of the practical lab session.
This lesson is the fifth lesson of the Web Penetration Testing Series. This lesson consist of the following topics: - Cryptography Overview - Modern Cryptography - Steganography v/s Cryptography - Encoding and Decoding - Symmetric v/s Asymmetric Cryptography - Message Authentication and Hashing This lesson is followed by a two hours practical lab session.
This lesson is the third lesson of the Web Penetration Testing Series. This lesson covers the following topics: - Web Application Security Overview - Security Principles - Attack Anatomy - Threat Modeling - STRIDE Methodology - DREAD Methodology - Attack Trees This lesson is followed by a 02 hours lab practical session.

Ask a question

Send a message explaining your needs and Dr Zeeshan will reply soon:
The more detail, the better.
Ex. "Hi, when are you available to meet for a lesson?"

Availability of a typical week

MonTueWedThuFriSatSun
7              
8              
9      Wednesday at 9:00  Thursday at 9:00    Saturday at 9:00  Sunday at 9:00
10      Wednesday at 10:00  Thursday at 10:00    Saturday at 10:00  Sunday at 10:00
11      Wednesday at 11:00  Thursday at 11:00    Saturday at 11:00  Sunday at 11:00
12      Wednesday at 12:00  Thursday at 12:00    Saturday at 12:00  Sunday at 12:00
13      Wednesday at 13:00  Thursday at 13:00    Saturday at 13:00  Sunday at 13:00
14      Wednesday at 14:00      Saturday at 14:00  Sunday at 14:00
15      Wednesday at 15:00      Saturday at 15:00  Sunday at 15:00
16      Wednesday at 16:00      Saturday at 16:00  Sunday at 16:00
17      Wednesday at 17:00  Thursday at 17:00    Saturday at 17:00  Sunday at 17:00
18        Thursday at 18:00      
19              
20              
21              
22              
23              
from £58At teacher's location
from £58Online via webcam
from £69At student's home

Good-fit Instructor Guarantee


If you are not satisfied after your first lesson, Apprentus will find you another instructor or will refund your first lesson.

Online reputation

  • Instructor since July 2020
  • 1 repeat student
  • Phone number verified

Availability of a typical week

MonTueWedThuFriSatSun
7              
8              
9      Wednesday at 9:00  Thursday at 9:00    Saturday at 9:00  Sunday at 9:00
10      Wednesday at 10:00  Thursday at 10:00    Saturday at 10:00  Sunday at 10:00
11      Wednesday at 11:00  Thursday at 11:00    Saturday at 11:00  Sunday at 11:00
12      Wednesday at 12:00  Thursday at 12:00    Saturday at 12:00  Sunday at 12:00
13      Wednesday at 13:00  Thursday at 13:00    Saturday at 13:00  Sunday at 13:00
14      Wednesday at 14:00      Saturday at 14:00  Sunday at 14:00
15      Wednesday at 15:00      Saturday at 15:00  Sunday at 15:00
16      Wednesday at 16:00      Saturday at 16:00  Sunday at 16:00
17      Wednesday at 17:00  Thursday at 17:00    Saturday at 17:00  Sunday at 17:00
18        Thursday at 18:00      
19              
20              
21              
22              
23              
from £58At teacher's location
from £58Online via webcam
from £69At student's home

Good-fit Instructor Guarantee


If you are not satisfied after your first lesson, Apprentus will find you another instructor or will refund your first lesson.

Share

   LinkedIn   

Pamela
Communicating in the digital age: the basics of e-mailing
Impossible to ignore the tools of the digital age when one wants to trade. This course is for self-employed and freelancers who do not yet master these tools E-mailing, well understood and used in a targeted and responsible way, can transmit your information and solicit your prospects. in a non-intrusive manner and in accordance with the legal provisions on data protection. In 3-45 periods of 1h30, you will have understood the basics and put in place the tools that will allow you to make your first shipment and analyze the impact. NB: The possible purchase of images and the financing of a tool or program for e-mailing is the responsibility of the learner. No course material for this practical training. Choose distance courses to avoid polluting the planet!

Tresor
Civil Engineer provides courses in network administration
. Civil engineer, holder of numerous network certifications (CCNA, CCNP, CCDP, CICA, CICE, F5), accompanies and supervises students or professionals wishing to obtain their CCNA certification. This course is designed specifically for CCNA applicants and anyone interested in understanding and administering a medium-sized network. This course includes several modules namely: - general knowledge of network services - understanding and configuration of the switches - Understanding and configuring routers -understanding WAN (Wide Area Network) networks

Driss
Create a site from A to Z with bootstrap with real projects
This course is intended for: -Creation of a site from A to Z. -Learn the use of the bootstrap framework -Is smart use of styles and markup -Creation of high quality themes -Learn the Sass compilation -Learn classes, components & JS widgets

Mohan
PHP Programming - Server side scripting - Backend Programming
PHP - Introduction PHP - Environment Setup PHP - Syntax Overview PHP - Variable Types PHP - Constants PHP - Operator Types PHP - Decision Making PHP - Loop Types PHP - Arrays PHP - Strings PHP - Web Concepts PHP - GET & POST PHP - File Inclusion PHP - Files & I/O PHP - Functions PHP - Cookies PHP - Sessions

Ankit
JavaScript + HTML - Learn how to master JavaScript and HTML
JavaScript is thought of as the backbone of web apps that adapt, no matter the device. You can use it to add dynamic behavior, store information, and handle requests and responses on a website. If you already have some knowledge of HTML and CSS, this is your next step to building modern, dynamic websites. When you finish this course, you’ll have mastered JavaScript fundamentals and intermediate content like functions, object-oriented programming and browser compatibility. With these skills, you can build interactive websites.

Renaud
Learn the tools of InDesign CC 2020 software.
Trainer for 10 years, I offer to support you in your learning of InDesign software by working on concrete examples. My experience as a trainer allowed me to sharpen my teaching techniques. I adapt to the level of the student to help him master the tools offered by this software.

Mohand
Courses in scientific subjects for beginner level up to Bac + 2: Maths - Physics - Chemistry, Computer courses for beginners
Graduated from a Bachelor in Computer Science and Mathematics and Student in Computer Science - I offer tutoring courses, refresher courses to all kinds of students without overloading them, with evaluation of progress over time and provide them with the necessary motivation to continue his efforts individually with advice and documentation resources already tested before, and supplemented with advice and discussions on a good study project that will lead to a successful professional career. Course subjects: Maths, Physics, Computer programming, General computing, Office, Computer science initiation, English.

Mahmood
Basic IT and computer knowledge / Basic Computer Course
Technology is advancing at a rapid pace, and we rely more and more on computers for everything from cooking to organizing our taxes. An understanding of computer basics is compulsory nowadays. The goal of this course is to give you a solid foundation on basic IT and computer knowledge. Once you understood these basics, you will have a clear understanding on which to build your future knowledge of an skill with computers and the Internet. COURSE OUTLINES: KNOWING COMPUTER - Introduction and objectives - What is Computer? - Components of Computer system - Concept of Hardware and Software - Concept of computing, data and information - Applications of IECT - Bringing computer to life OPERATING COMPUTER USING GUI BASED OPERATING SYSTEM - Introduction and objectives - Basics of Operating System - The User Interface - Operating System Simple Setting - File and Directory Management UNDERSTANDING WORD PROCESSING - Introduction and objectives - Word processing Basics - Opening and closing Documents - Text Creation and manipulation - Formatting the Text - Table manipulation USING SPREAD SHEET - Introduction and objectives - Elements of Electronic Spread sheet - Manipulation of Cells - Formulas and Function INTRODUCTION TO INTERNET, WWW AND WEB BROWSERS - Introduction and objectives - Basic of Computer Networks - Internet - World Wide Web (WWW) - Web Browsing Softwares - Search Engines - Understanding URL - Surfing the web COMMUNICATIONS AND COLLABORATION - Introduction and objectives - Basics of E-mail - Using E-mails - Document collaboration - Instant Messaging and Collaboration MAKING SMALL PRESENTATIONS - Introduction and objectives - Basics of Making small Presentations - Creation of presentation - Preparation of slides - Presentation of slides - Slide show FINANCIAL LITERACY FOR BANKING SCHEME AND APPLICATIONS - Introduction and objectives - Why Savings are needed? - Drawbacks of keeping cash at home - Why Bank is needed? - Banking products - Banking Service Delivery Channels - Various Schemes - Bank on your mobile - Insurance

Serigne
Private lessons in mathematics, physics and computer science
As part of a double-degree program with École Polytechnique in France, I completed a Master's degree at École Polytechnique Montréal in Electrical Engineering between 2016 and 2018. I am currently working as an engineer in the simulation of electrical networks. I have been teaching baccalaureate students in Montreal for two years. In total, I supervised 8 students, 5 of whom are at Polytechnique Montréal. I had to teach Calculus I (continuations, series, multivariate functions), Calculus II (Double Integrals, Triples), Algebra, Static, Resistance of Materials, Differential Calculus, Programming (C, Java, Python). During the five years in France, I also gave private lessons through organizations such as LaptiTude Prépas (with which I had to prepare a final class for the French baccalaureate) or Scolaridée, but also as self employed. My training is very complete in Mathematics, Physical and Industrial Sciences and Computer Science, I gave private lessons in these disciplines, to students whose level was from the 4th secondary to the bachelor's degree (bachelor in Montreal) I always set with the student the objectives that we want to achieve, then we establish a program of progression and follow-up in order to cover all the needs. This allowed us to obtain results that exceeded the preliminary objectives. I like to give private lessons in my free time because it is a very nice experience and a way to help people in difficulty.

Fawzi
International freelance trainer offers training on CATIA V5 and Solidworks
Experienced trainer specializing in CAD software (Computer Aided Design) offers its services to professionals and individuals, in terms of training and homework help / technical support on CATIA V5 and / or Solidworks. the content of CATIA V5 or Solidworks basic training (24 hours = 3h x 8 sessions) is as follows: - Introduction to CAD, presentation of the user environment - Creating geometries from sketches - 3D modeling of prismatic parts - Creating parts using advanced tools - Realization of assemblies - Development of drawings from parts and assemblies if you already have basic knowledge and want to improve it, I offer intermediate (15 h) or advanced (9 h) if you prefer more specific and shorter courses, I also offer other courses: advanced mechanical design, advanced assemblies, surface, sheet metal, kinematics, mold making, Knowledgeware ... you can also opt for a la carte training. I specify that I prepare myself course materials / exercise books and assessments.

Khalid
With this course, I teach you how to create your site with WordPress. You are one click away from bringing visitors or prospects to you.
Having a good knowledge of WordPress is a great asset, you increase your communication resources and gain in autonomy. I accompany you from the setting up of your site online to the proper configuration of it. As a preamble, you start by understanding what WordPress is, how to install it online with your own domain name. You can then integrate content: pages, articles, graphics, photographs, videos, webinars, contact form... All this without any line of code. The process is simple, in the following order or according to your needs, (if you want one or a few hours of lessons on a specific issue, please let me know your request): - Installation and basic configuration of WordPress online. - Securing and prioritizing the rights of the site's users: you and/or your colleagues. - Reflection and implementation of the best categorization for your content. - Management of menus. - Choosing the design and how to modify it. - Keywords and local search. - SEO: content prioritization, identification of your customers' or audience's path on the web and how to attract them to your site. - Image optimization: for a quick display of the site, better SEO and sharing on social networks. - Choice of the best plug-ins according to your specifications: e.g. setting up meetings, events, mailing-lists. - Multilingualism. - Best practices and tips for better site security. If you work for a small company or an organization, I adapt my course accordingly, so that you can use your website at best with your colleagues for a better sharing of tasks. This course is therefore aimed at those who want to have a quality presence on the web, knowing how to create a website is of course also useful when looking for a job. Don't hesitate any longer, once your website is online you can start prospecting your customers. But be aware that this is a course, not a service :), I adapt as much as possible to your needs, but it is in your interest to follow the steps. By experience, I know that if I adapt too much to the student's demands, the pedagogy and learning are slowed down. An express intervention can nevertheless be carried out, it concerns without restriction: the recovery of an offline or corrupted site, a backup maintenance, an incompatibility between several plug-ins, but also the implementation of contact or booking forms or any other functionality.

Christine
Math-physics-chemistry course, computer science, French and German courses
Engineer in nuclear physics with more than 20 years of experience in the course of support. I carefully prepare each of my classes. I am able to simply explain complex themes. My goal is for the student to be certain of his answers.

Said
Accelerated computer courses: office automation, programming for all levels, advanced programming
For all levels, I offer programming courses according to your needs: -Web technology. (php, angularjs, javascript, css, html ...) -JAVA / J2EE technology (frameworks: Spring Boot, JPA, hibernate), RMI, Sockets ... -Office (Word, Excel, PowerPoint) -The use of the machine.

Robin
Excel VBA course for all levels. Save time by automating your files
I beg you to believe that in a lot of companies, I've heard, "We do like that because Excel can not do it." It could have been Access ... Anyway, that's the typical example of the company adapting its processes to its work tools. Which is nonsense! Although I grant you this, you have to know how to be conciliatory about computer technologies. Fortunately the VBA is here! This programming language will allow us to write macros in view: Automate repetitive and iterative tasks. Manage and reduce the risk of errors. To optimize treatment times. To design personalized user interfaces. To create specific treatments not available natively in software. To develop the potential of Office Suite applications. Exchange data between the different applications of the Office suite. It should be noted that in general the learning is done only on Excel or Access. Although this is not the reference in terms of programming language, it has certain advantages: Accessible and intuitive. A fairly flexible syntax and a relatively well-designed and effective editor. Performance and quite stable. In case of difficulties, a large community that can always be solicited via the Internet. Without out-of-the-box, the VBA is a programming language more than correct that allows to develop applications for professional use in order to facilitate the life of the users and to answer to the problems that many companies meet in the data processing.

Abderrazzak
Computer Science: PFE, Algo, Programming, C, Java, PHP
Courses and supervision in Computer Science: - Programming (Java, C, C #, PHP) - Modeling: Merise + UML + Design Pattern - PFE and IT Project - Initiation course in Computer Science - Assistance in the use of information technologies - Database (MySQL, SQL Server, Oracle, SQL, PL SQL)