GS
5.0Reviewed May 25, 2020
Great course, got lot to earn about vulnerabilities and their mitigation strategies
Peer assignments are copy pasted and don't always work correctly. Github repository is outdated and no response from instructors.
Exploiting and Securing Vulnerabilities in Java Applications
In this course, we will wear many hats. With our Attacker Hats on, we will exploit Injection issues that allow us to steal data, exploit Cross Site Scripting issues to compromise a users browser, break authentication to gain access to data and functionality reserved for the ‘Admins’, and even exploit vulnerable components to run our code on a remote server and access some secrets. We will also wear Defender Hats. We will dive deep in the code to fix the root cause of these issues and discuss various mitigation strategies. We do this by exploiting WebGoat, an OWASP project designed to teach penetration testing. WebGoat is a deliberately vulnerable application with many flaws and we take aim at fixing some of these issues. Finally we fix these issues in WebGoat and build our patched binaries. Together we will discuss online resources to help us along and find meaningful ways to give back to the larger Application Security community.
Status: Dependency Analysis
Status: Docker (Software)
IntermediateCourse24 hours
Featured reviews
GP
5.0Reviewed Jun 22, 2020
Excellent and really helpful material... By far the best and most interesting course in the series!
MJ
5.0Reviewed Nov 29, 2020
Exploiting and Securing Vulnerabilities in Java Applications is by far the best course in this series. There are practical examples, live coding, and well organized.
LP
4.0Reviewed Oct 2, 2019
course is good but it seems like, i am learner of this course..There is no one who can review my asginments -_-'
VV
5.0Reviewed Jan 29, 2020
Very Good course material. dicover it, try it, fix it method.
All reviews
Showing: 15 of 15
All Learners
All Stars
Most Helpful
Janis Walliser
1.0
Reviewed Feb 23, 2020Lakshay Pandit
4.0
Reviewed Oct 3, 2019course is good but it seems like, i am learner of this course..There is no one who can review my asginments -_-'
Rommel Oramas
1.0
Reviewed Oct 10, 2020It's too basic, I can download Webgoat by myself, read every topic and complete all the "try it" sections. The teacher doesn't add any value.
Mahmoud Jadaan
5.0
Reviewed Nov 30, 2020Exploiting and Securing Vulnerabilities in Java Applications is by far the best course in this series. There are practical examples, live coding, and well organized.
Pratik Pansare
4.0
Reviewed Mar 31, 2021Good course, following a consistent structure so that it easy to compare and contrast the broad 7 sub-types of exploits discussed here, and their fixes!
Just as a feedback please include a post within the course for setup for eclipse IDE as well.
Shaiful Islam
5.0
Reviewed Aug 13, 2020Well organized course. I have learned a lot of new things from this course. As a Software Engineer, we should aware of the security concern during application development. So that we can avoid any unexpected situation in the future. This course guided me to know about security concerns at the application level. Highly recommended for Java developer.
LUIS ALBERTO OTINIANO FALERO
5.0
Reviewed Feb 21, 2022Muy buen curso, en la cual practiqué diversos tipos de ataques de cross-site scripting (XSS), mitigue las vulnerabilidades de inyecciones en la WEB y lo más interesante, es que pude examinar el código#Javapara encontrar y parchear componentes vulnerables. Una de las herramientas de proxy a utilizar fue#Burpsuite
Giorgos Polydoros
5.0
Reviewed Jun 23, 2020Excellent and really helpful material... By far the best and most interesting course in the series!
Larissa Benevides Vieira
5.0
Reviewed Jan 12, 2022O curso é MUITO bom, porém tive problema com a demora para avaliarem a minha última tarefa.
Gaurav Singh
5.0
Reviewed May 26, 2020Great course, got lot to earn about vulnerabilities and their mitigation strategies
Vikram
5.0
Reviewed Jan 30, 2020Very Good course material. dicover it, try it, fix it method.
Marcos Tulio Junior
5.0
Reviewed Jun 9, 2023great
Florian Look
3.0
Reviewed Nov 1, 2025Might be a nice course if you are a web developer using Java. As an embedded SW developer this is not a helpful course for me. The content is partly a duplication of "Identifying Security Vulnerabilities of this specialization.
Giorgio Bernardinetti
3.0
Reviewed Oct 31, 2019Good start of Web Exploitation. But why is there "Java" in the name of the course? The course is much more generic than "Java Applications"
Heris T
1.0
Reviewed Oct 27, 2022I finish the course but didn't get any certification