Hacking and Patching

This specialization in intended for IT professionals, computer programmers, managers, IT security professionals who like to move up ladder, who are seeking to develop network system security skills. Through four courses, we will cover the Design and Analyze Secure Networked Systems, Develop Secure Programs with Basic Cryptography and Crypto API, Hacking and Patching Web Applications, Perform Penetration Testing, and Secure Networked Systems with Firewall and IDS, which will prepare you to perform tasks as Cyber Security Engineer, IT Security Analyst, and Cyber Security Analyst.The learning out

( 85 Reviews )

Created by: Edward Chow

Quality Score

Content Quality

Video Quality

Qualified Instructor

Course Pace

Course Depth & Coverage

Overall Score : 68 / 100

Live Chat with CourseDuck's Co-Founder for Help

Need help deciding on a branding course? Or looking for more detail on Edward Chow's Hacking and Patching? Feel free to chat below.

Join CourseDuck's Online Learning Discord Community

Course Description

In this MOOC, you will learn how to hack web apps with command injection vulnerabilities in a web site of your AWS Linux instance. You will learn how to search valuable information on a typical Linux systems with LAMP services, and deposit and hide Trojans for future exploitation. You will learn how to patch these web apps with input validation using regular expression. You will learn a security design pattern to avoid introducing injection vulnerabilities by input validation and replacing generic system calls with specific function calls. You will learn how to hack web apps with SQL injection vulnerabilities and retrieve user profile information and passwords. You will learn how to patch them with input validation and SQL parameter binding. You will learn the hacking methodology, Nessus tool for scanning vulnerabilities, Kali Linux for penetration testing, and Metasploit Framework for gaining access to vulnerable Windows Systems, deploying keylogger, and perform Remote VNC server injection. You will learn security in memory systems and virtual memory layout, and understand buffer overflow attacks and their defenses. You will learn how to clone a Kali instance with AWS P2 GPU support and perform hashcat password cracking using dictionary attacks and known pattern mask attacks.

Time: 10h

Instructor Details

Edward Chow

3.4 Rating
85 Reviews

Dr. Chinghua Edward Chow is Professor of Computer Science. Got his PhD in Computer Science Degree from University of Texas at Austin 1985. He served as a Member of Technical Staff with Bell Communications Research, NJ 1986-1991. He joined UCCS 1991. His research is focused on the improvement of the security, reliability and performance of network systems. He has two US patents on distributed network restoration and survivable architecture. He is currently working on techniques and risk analysis for critical infrastructure protection and data protection using proximity and network information. He recently developed an efficient Internet Security protocol that improves the performance and security of online storage systems. A secure information sharing system was developed for setting up secure information infrastructure which is based on attribute certificate to coordinate multiple agencies task forces. By enhancing Laban dance notation, deploying computer animation, and developing wireless sensor based human motion tracking system, he is developing systems for improving assistive technologies and rehab patient care. He is currently working on techniques based on Software Defined Networks (SDN) for defending Distributed Denial of Services and improving cyber resilience, and techniques for enhancing data security through right path right place data delivery (R2D2).

Reviews

3.4

85 total reviews

5 star 4 star 3 star 2 star 1 star

Write a Review

By Yannick S on 22-Jan-18

I'm sorry that I have to give a bad rating on a course with such a rare but highly interesting topic. But while the assignments indeed made me learn a lot, pretty much nothing in this course is really well made.- Chow's English is really hard to follow- Chow's talks frequently get interrupted in the middle of the sentence by quizzes that pop up during the video lectures- Those (ungraded) quizzes often refer to later parts of the talk actually, so with no further knowledge you'll often have to guess at the point in time when they are presented- After almost every video, a readings page is presenting some links, and many if not most of them are broken. The URLs have to be manipulated in different ways to get the actual content.- The assignments require you to use Amazon's commercial AWS service. AWS offers a free tier for basic usage, but this free tier won't be enough to complete the last assignment, where you won't be charged much (unless you make some mistake), but you will be charged nonetheless. (Even for the free tier, registration is not possible without entering credit card information.)- The assignments of this course assume that you have an AWS instance set up exactly as described in course 1 of this specialization. If you didn't enroll in that course, there is no information given to you at all on how about to set this up, and you have to rely on somebody giving you a link to the according PDF in the forums.- The last assignment requires to clone a certain AWS Machine Image, which is not available any more. Some learner set up a replacement for it and posted instructions on how to use it, rather than Chow and his team.- The assignment documents miss any information on how to use some of the tools it does use. If you don't know how to transfer a file via SSH or use the VI editor, you'll have to google that yourself.- In the descriptions of the actual tasks, the assignment documents contain several critical errors, e.g. wrong file or variable names, so if you follow the words of the instructions perfectly, you won't be able to complete any of the assignments.- In the end of assignments 1 and 2, you are expected to submit series of screenshots, but are neither given an "Upload" button in the "Submit assignment" page nor any instructions on how to proceed otherwise.- When reviewing the assignments from others, there are no criteria given based which you should give points; it's always just "Does the learner know how to...? (yes/no/partly)", usually no information on what to expect in the answers and when to give the full amount of points or a part of it. This will not only make reviewing much harder than it should be, you will also receive very different amounts of points from different reviewers for the same assignment, even though due to the nature of the tasks the results are usually pretty much either fully correct or completely incorrect.I (and fellow learners) reported several such issues both via the "Report problem" button on each page and the discussion forums. It was not before the very end of my enrollment, but I finally received some feedback from Chow's staff, thanking me for my reports and telling me that they "are currently looking into resolving this issues" and, just a bit later, that "a revised version of [one assignment document] has been uploaded". So there is a chance that the course will improve in the future (though I did not spot a single improvement in said document on a quick look).

By Terry L on 25-Apr-19

The Asian teacher's pronunciation is little be hard to understand but I love this class still

By Rajath C S on 7-Oct-18

Its a great course to get started for anyone into the domain of information security, one might feel difficult with the instructor's accent but the support is great. W

By Varun S on 25-Sep-18

Very hard to understand Chinese English. This course has 2 challenges first to understand English second to understand the topic.

By Niels T on 27-Feb-18

good content overall, very interesting challenges in the practical coursework.very poor instructions however which often did not work! required setting up a cloud server and no instructions for doing so. asking for screenshots to grade coursework but coursera does not support uploading screenshots. instructor is very experienced in his field but hard to understand, often the subtitles say "INAUDIBLE" so some parts are impossible to follow.

By Eduardo G on 26-Feb-19

it is a very illustrative course... well done.

By SAMUEL B on 28-Oct-18

great course

By Robert C on 16-Nov-18

very informative

By L B on 5-Apr-18

This a very good course for beginners. However, it would be much better if the practical exercises were constantly reviewed to assure compatibility and coherence. There are several inconsistencies which prevent to properly complete the exercises unless you solve them... But if you are capable of solve them, perhaps you don't need the course....

By Kathan S on 8-May-19