Project description
The project starts with the code of a very simple and unsafe HTTP server. This program receives requests through a TCP socket and returns the requested file or the output of executed commands. The student is guided through discovering the different security issues, describing them and fixing them.
Contents
Writing Secure Code in C++ Project VM
File — 02:00:00
Download the VM you will need to complete the C++ project.
Project Introduction
Video — 00:09:54
This video is an introduction to the project.
Receiving Requests
Video — 00:06:59
This video explores the topic of receiving requests.
Receiving Requests: The Security Flaw
Video — 00:02:41
This video takes you through the security flaws in receiving requests.
Receiving Requests: A Possible Solution
Video — 00:01:44
Explore a possible solution for flaws in receiving requests.
Parsing Requests: The Flaw
Video — 00:01:21
Examine the flaws in parsing the request.
Parsing Requests: A Possible Solution
Video — 00:03:32
This video explores a possible solution to the flaw in parsing requests.
Sending Files: The Flaw
Video — 00:04:21
In this video, we will review the flaw in the sending file.
Sending Files: A Possible Solution
Video — 00:07:38
Take a look at the potential solution for the flaw in sending files.
Executing Programs: Flaws and Fix
Video — 00:06:12
This video will be your guide to the details of executing programs.
Executing Programs: A Possible Solution
Video — 00:03:55
This video explores a possible solution to the flaw in executing programs.
Plans & pricing
-
Infosec Skills Personal
- 190+ role-guided learning paths (e.g., Ethical Hacking, Threat Hunting)
- 100s of hands-on labs in cloud-hosted cyber ranges
- Custom certification practice exams (e.g., CISSP, Security+)
- Skill assessments
- Infosec peer community support
-
Infosec Skills Teams
- Team administration and reporting
- Dedicated client success manager
-
Single sign-on (SSO)
Easily authenticate and manage your learners by connecting to any identity provider that supports the SAML 2.0 standard.
-
Integrations via API
Retrieve training performance and engagement metrics and integrate learner data into your existing LMS or HRS.
- 190+ role-guided learning paths and assessments (e.g., Incident Response)
- 100s of hands-on labs in cloud-hosted cyber ranges
- Create and assign custom learning paths
- Custom certification practice exams (e.g., CISSP, CISA)
- Optional upgrade: Guarantee team certification with live boot camps
Unlock 7 days of free training
- 1,400+ hands-on courses and labs
- Certification practice exams
- Skill assessments