Skip to content

Red Timmy Academy

by Red Timmy Security

MENUMENU

Courses
Log In

LAB 1A

Home
LAB 1A

LAB 1A

Introduction to Java Security > LAB 1A

Purchase this course to view this lesson.

Add to Cart Course Details

Introduction and setup

1 - Overview
2 - Setup & Course files

Module 1 – Java Serialization

3 - Java Essentials and Terminology
4 - Java Serialization
5 - LAB 1A
6 - Java Deserialization Attacks
7 - LAB 1B
8 - Java Deserialization Under The Hood
9 - LAB 1C
10 - Module 1 – Summary

Module 2 – Exploitation of Java Deserialization vulnerabilities

11 - Building a Gadget Chain
12 - LAB 2A
13 - Advanced Gadgets: Trampolines
14 - Case Study: JSF Viewstate
15 - LAB 2B
16 - Module 2 – Summary
17 - BONUS: The Commons Collections Gadget Chain Step-by-step

Module 3 – Expression Language

18 - What is Expression Language?
19 - Remote Code Execution via Expression Language
20 - Case Study: RichFaces
21 - LAB 3A
22 - EL Injection in Richfaces
23 - LAB 3B & 3C
24 - Module 3 – Summary

Module 4 – Stacktraces

25 - Reading Stack Traces
26 - LAB 4

Module 5 – Exploiting the JSF framework

27 - Apache MyFaces
28 - LAB 5.1
29 - Apache MyFaces Viewstate Encryption
30 - LAB 5.2
31 - Module 5 – Summary

Module 6.1 – JDWP

32 - Remote Code Execution with JDWP
33 - LAB 6.1A
34 - LAB 6.1B
35 - Discovering JDWP on the Network

Module 6.2 – JMX/RMI

36 - What is JMX/RMI?
37 - LAB 6.2A
38 - LAB 6.2B
39 - JMX/RMI Exploitation
40 - Authentication mechanisms

Cart
Checkout
My account
Privacy Policy
Profile
Red Timmy Academy
Shop

Copyright ©2020 Red Timmy Academy . All rights reserved. Powered by WordPress & Designed by Cyclone Themes