Course Description

This course will take you on a journey into injection vulnerabilities. We will start off with a discussion of what injection vulnerabilities are, and then dive into how each type works and can be remediated.

This course will help you understand the foundational concepts of the vulnerability and ways to avoid it in the first place.

Application Security Professional

James Jardine

James Jardine is the CEO of Jardine Software Inc. He started his career as a developer, working on all types of projects across web, mobile, and desktop. James has spent the last 7 years focusing on application security. His more than 15 years of combined experience provide a unique insight into both development and security for applications. James has presented and trained at Derbycon, Blackhat, Infosecworld, Hacker Halted and many others. He was previously an author and instructor at the SANS Institute where he taught the Secure Coding in .Net course.

Course curriculum

  • 1
    • Introduction to Injection
    • Intro to Input Validation

  • 2 SQL Injection
    • SQL Injection
    • Walkthrough - SQL Injection
    • Walkthrough - SQL Injection (Stored Procedures)
    • Walkthrough - SQL Injection (sqlmap)

  • 3 Command Injection
    • Command Injection
    • Walkthrough - OS Injection

  • 4 External Entity Injection (XXE)
    • XXE
    • XXE in .Net
    • Walkthrough - XXE