SkillSoft Explore Course – Lambers, Inc.

Certification EC-Council Certified Ethical Hacker (CEH) Certified Ethical Hacker (CEH) v11

Cross-Site Request Forgery, Direct Object Reference, and Local and Remote File Inclusion attacks can prove very harmful to web applications. In this course, you'll examine how these attacks work and how to recognize them. First, you'll explore CSRF attacks and how they can be leveraged to attack users. Next, you'll learn about the IDOR attack, including how to find and exploit it. Finally, you'll learn about LFI and RFI attacks, including how they work and how they can be leveraged to gain access to a remote system. This course is one in a series that helps to prepare you for the Certified Ethical Hacker v11 (312-50) exam.

Asset ID	it_spceh11tv_32_enus
Course Type	Video Course
Course Category	EC-Council

Objectives
CEHv11: CSRF, IDOR, LFI & RFI Attacks recognize how Cross Site Request Forgery (CSRF) attacks work Identify how Cross Site Request Forgery (CSRF) attacks can be leveraged by attackers identify Insecure Direct Object Reference (IDOR) attacks and how to exploit it describe how remote and local file inclusion attacks can be leveraged to gain access to a remote system describe the difference between remote and local file inclusion attacks recognize how remote and local file inclusion attacks work

Objectives

CEHv11: CSRF, IDOR, LFI & RFI Attacks

recognize how Cross Site Request Forgery (CSRF) attacks work
Identify how Cross Site Request Forgery (CSRF) attacks can be leveraged by attackers
identify Insecure Direct Object Reference (IDOR) attacks and how to exploit it
describe how remote and local file inclusion attacks can be leveraged to gain access to a remote system
describe the difference between remote and local file inclusion attacks
recognize how remote and local file inclusion attacks work