SDT 317 – Testing for Improper Control of Generation of Code

Course Overview


When user input can influence dynamically generated code to influence program flow or execute arbitrary code the attack is often referred to as code injection. This course introduces ways to identify and mitigate this security weakness, referenced as CWE-94 by the CWE Top 25.

Topics include:

  • Recognizing the impact of this vulnerability
  • Understanding various forms of this attack and their similarities
  • Techniques for finding Hard-Coded credentials in source code
  • Application of mitigation techniques for limiting the impact
  • Leveraging various tools used to test for code injection vulnerabilities

Looking To Learn More?

Request more information on our courses and labs.

* required

Course Details

Course Number: SDT 317
Course Duration: 10 minutes
Course CPE Credits: 0.25

NICE Work Role Category

Available Languages

  • English