Claim your FREE 7-day trial

Command Injection

This course introduces command injection vulnerabilities, their exploitation and possible mitigations.

7 videos  //  40 minutes of training

Course description

Command injection vulnerabilities take advantage of the fact that instructions and data are often mixed within programs. This course demonstrates how command injection vulnerabilities can be exploited by an attacker, what to look out for and how to write code that is immune to this type of attack.

Course syllabus

Introduction to Command InjectionDuration: 1:40

This video provides an introduction to the command injection course.

Introduction to DataDuration: 6:23

This video covers the fundamentals of how data and code are handled in many execution environments.

Command InjectionDuration: 5:26

This video describes how command injection vulnerabilities can make an application vulnerable to attack.

Command Injection ExploitationDuration: 4:08

This video describes how command injection vulnerabilities can be exploited by an attacker.

Command Injection Case StudyDuration: 4:34

This video describes a case study of an application vulnerable to command injection.

Command Injection MitigationsDuration: 9:49

This video describes mitigations for command injection vulnerabilities.

Command Injection DemoDuration: 7:42

This video demonstrates exploitation of a command injection vulnerability.

Meet the author

Howard Poston


Howard Poston is a cybersecurity researcher with a background in blockchain, cryptography and malware analysis. He has a master's degree in Cyber Operations from the Air Force Institute of Technology and two years of experience in cybersecurity research and development at Sandia National Labs. He currently works as a freelance consultant providing training and content creation for cyber and blockchain security. He can be reached by email at or via his website at

You're in good company

"Comparing Infosec to other vendors is like comparing apples to oranges. My instructor was hands-down the best I’ve had." 

James Coyle

FireEye, Inc.

"I knew Infosec could tell me what to expect on the exam and what topics to focus on most."

Julian Tang

Chief Information Officer

"I’ve taken five boot camps with Infosec and all my instructors have been great."

Jeffrey Coa

Information Security Systems Officer

Plans and pricing





$599 / license

Annually. Includes all content plus team admin and reporting.