• Online, Self-Paced

Cross-Site Request Forgery, Direct Object Reference, and Local and Remote File Inclusion attacks can prove very harmful to web applications. In this course, you'll examine how these attacks work and how to recognize them. First, you'll explore CSRF attacks and how they can be leveraged to attack users. Next, you'll learn about the IDOR attack, including how to find and exploit it. Finally, you'll learn about LFI and RFI attacks, including how they work and how they can be leveraged to gain access to a remote system. This course is one in a series that helps to prepare you for the Certified Ethical Hacker v11 (312-50) exam.

Learning Objectives

{"recognize how Cross Site Request Forgery (CSRF) attacks work","Identify how Cross Site Request Forgery (CSRF) attacks can be leveraged by attackers"}

Framework Connections

The materials within this course focus on the Knowledge Skills and Abilities (KSAs) identified within the Specialty Areas listed below. Click to view Specialty Area details within the interactive National Cybersecurity Workforce Framework.

Feedback

If you would like to provide feedback for this course, please e-mail the NICCS SO at NICCS@hq.dhs.gov.