• Online, Self-Paced

Improper validation of hidden yet mutable field values potentially paves the way for other attacks such as Cross-Site Scripting, SQL Injection, or even gaining unauthorized access. This lab on Hidden Form Fields assesses the learner’s understanding of how an existing vulnerability related to hidden form fields in an online banking application can be discovered and exploited.

Learning Objectives

On successful completion of this course, learners should have the knowledge and skills required to:

  • Understand how adversaries can exploit such vulnerabilities to tamper with client-side data, in this case for monetary gain.

Framework Connections

The materials within this course focus on the Knowledge Skills and Abilities (KSAs) identified within the Specialty Areas listed below. Click to view Specialty Area details within the interactive National Cybersecurity Workforce Framework.

Feedback

If you would like to provide feedback for this course, please e-mail the NICCS SO at NICCS@hq.dhs.gov.