Application, Cloud, and Specialized Attacks

This course expands the learner’s hacking toolkit to cover approximately 3 hours and 30 minutes of expert instruction across five focused modules. Web Application and Database Attacks opens the course, covering SQL injection, cross-site scripting, CSRF, API attacks, and hands-on Labtainers labs. Privilege Escalation and Local Host Attacks then addresses what happens after gaining a foothold — covering Linux and Windows privilege escalation and miscellaneous local host vulnerabilities. Attacking the Cloud addresses misconfigurations and exploitation in AWS, Azure, and other cloud environments. Specialized and Fragile Systems introduces testing approaches for mobile devices, virtual and containerized environments, and industrial control systems. The course closes with Social Engineering and Physical Attacks, covering phishing campaigns, spear phishing, in-person social engineering, and physical security assessments.