LAB 327 – Defending C Applications Against Path Traversal

Course Overview


When applications rely on untrusted input data to make security decisions without canonicalizing it, attackers could exploit these weaknesses to perform malicious actions. For instance, they could bypass checks for restricted resources, traverse file system directories, and redirect file system operations to unintended resources, which could cause significant damage to your organization.

This Defending C Applications Skill Lab provides a virtual environment that contains a vulnerable application and its complete source code. It trains developers to identify and mitigate canonicalization vulnerabilities before they negatively impact your organization.

In this lab, learners will gain practical experience testing for a Path Traversal vulnerability and implementing appropriate mitigations such as:

  • Resolving path traversal characters.
  • Removing extraneous duplicate characters.
  • Resolving embedded environment variables.
  • Anchoring to a fixed location.

Course Details

Course Number: LAB 327
Course Duration: 5 minutes
Course CPE Credits: .25

NICE Work Role Category

Available Languages

  • English