Chevron Left
Back to Hacking and Patching

Learner Reviews & Feedback for Hacking and Patching by University of Colorado System

4.0
stars
262 ratings

About the Course

In this MOOC, you will learn how to hack web apps with command injection vulnerabilities in a web site of your AWS Linux instance. You will learn how to search valuable information on a typical Linux systems with LAMP services, and deposit and hide Trojans for future exploitation. You will learn how to patch these web apps with input validation using regular expression. You will learn a security design pattern to avoid introducing injection vulnerabilities by input validation and replacing generic system calls with specific function calls. You will learn how to hack web apps with SQL injection vulnerabilities and retrieve user profile information and passwords. You will learn how to patch them with input validation and SQL parameter binding. You will learn the hacking methodology, Nessus tool for scanning vulnerabilities, Kali Linux for penetration testing, and Metasploit Framework for gaining access to vulnerable Windows Systems, deploying keylogger, and perform Remote VNC server injection. You will learn security in memory systems and virtual memory layout, and understand buffer overflow attacks and their defenses. You will learn how to clone a Kali instance with AWS P2 GPU support and perform hashcat password cracking using dictionary attacks and known pattern mask attacks....

Top reviews

AA

May 24, 2020

It was Great course to have and very skillful knowledge about Basic for Hacking

NH

Sep 13, 2019

This Course is very interested. I hope I will learn it for use purpose also.

Filter by:

1 - 25 of 71 Reviews for Hacking and Patching

By Yannick S

•

Jan 22, 2018

I'm sorry that I have to give a bad rating on a course with such a rare but highly interesting topic. But while the assignments indeed made me learn a lot, pretty much nothing in this course is really well made.- Chow's English is really hard to follow- Chow's talks frequently get interrupted in the middle of the sentence by quizzes that pop up during the video lectures- Those (ungraded) quizzes often refer to later parts of the talk actually, so with no further knowledge you'll often have to guess at the point in time when they are presented- After almost every video, a readings page is presenting some links, and many if not most of them are broken. The URLs have to be manipulated in different ways to get the actual content.- The assignments require you to use Amazon's commercial AWS service. AWS offers a free tier for basic usage, but this free tier won't be enough to complete the last assignment, where you won't be charged much (unless you make some mistake), but you will be charged nonetheless. (Even for the free tier, registration is not possible without entering credit card information.)- The assignments of this course assume that you have an AWS instance set up exactly as described in course 1 of this specialization. If you didn't enroll in that course, there is no information given to you at all on how about to set this up, and you have to rely on somebody giving you a link to the according PDF in the forums.- The last assignment requires to clone a certain AWS Machine Image, which is not available any more. Some learner set up a replacement for it and posted instructions on how to use it, rather than Chow and his team.- The assignment documents miss any information on how to use some of the tools it does use. If you don't know how to transfer a file via SSH or use the VI editor, you'll have to google that yourself.- In the descriptions of the actual tasks, the assignment documents contain several critical errors, e.g. wrong file or variable names, so if you follow the words of the instructions perfectly, you won't be able to complete any of the assignments.- In the end of assignments 1 and 2, you are expected to submit series of screenshots, but are neither given an "Upload" button in the "Submit assignment" page nor any instructions on how to proceed otherwise.- When reviewing the assignments from others, there are no criteria given based which you should give points; it's always just "Does the learner know how to...? (yes/no/partly)", usually no information on what to expect in the answers and when to give the full amount of points or a part of it. This will not only make reviewing much harder than it should be, you will also receive very different amounts of points from different reviewers for the same assignment, even though due to the nature of the tasks the results are usually pretty much either fully correct or completely incorrect.I (and fellow learners) reported several such issues both via the "Report problem" button on each page and the discussion forums. It was not before the very end of my enrollment, but I finally received some feedback from Chow's staff, thanking me for my reports and telling me that they "are currently looking into resolving this issues" and, just a bit later, that "a revised version of [one assignment document] has been uploaded". So there is a chance that the course will improve in the future (though I did not spot a single improvement in said document on a quick look).

By Varun S

•

Sep 25, 2018

Very hard to understand Chinese English. This course has 2 challenges first to understand English second to understand the topic.

By Niels T

•

Feb 27, 2018

good content overall, very interesting challenges in the practical coursework.

very poor instructions however which often did not work! required setting up a cloud server and no instructions for doing so. asking for screenshots to grade coursework but coursera does not support uploading screenshots. instructor is very experienced in his field but hard to understand, often the subtitles say "INAUDIBLE" so some parts are impossible to follow.

By Abhishek

•

May 25, 2020

It was Great course to have and very skillful knowledge about Basic for Hacking

By Rajath C S

•

Oct 7, 2018

Its a great course to get started for anyone into the domain of information security, one might feel difficult with the instructor's accent but the support is great. W

By Kathan S

•

May 8, 2019

this is my passion , coursera you did good effort make efficent learning.

By Liu T

•

Apr 25, 2019

The Asian teacher's pronunciation is little be hard to understand but I love this class still

By Deleted A

•

Aug 27, 2018

Poor materials and course content.

By Justin G

•

Dec 20, 2019

Professor consistently drops the ball and allows the AWS credits to expire inside this course. You cannot complete it as of 12/20/2019. Coursera is not able to fix this, Amazon says to talk to Coursera. Coursera says to talk to the Professor, and the Professor doesn't respond to his campus emails.

By Ganta s m

•

Sep 14, 2021

pursuing cousera course it hepled me a lot and very much coursera team

By Yaki M

•

Apr 12, 2021

Perhaps you'd consider my rating as unfair, but I am only giving this course two stars, because the instructors accent is very difficult to follow.

I haven't finished the course.

By L. B

•

Apr 5, 2018

This a very good course for beginners. However, it would be much better if the practical exercises were constantly reviewed to assure compatibility and coherence. There are several inconsistencies which prevent to properly complete the exercises unless you solve them... But if you are capable of solve them, perhaps you don't need the course....

By Hock S N

•

Jun 28, 2020

Thank you very much for hosting this program in Coursera. I have learnt valuable knowledge and hands-on skills such as creating instances in AWS, command injection, SQL injection and password cracking.

By Noor H

•

Sep 14, 2019

This Course is very interested. I hope I will learn it for use purpose also.

By Hafiz M Z

•

Jul 28, 2020

thanks to you, it was amazing

By Narendran S N

•

Jan 17, 2020

Understanding the language slank was a little difficult at first, but finally got used to it!

By Juan P V M

•

Jun 15, 2020

You can't access to the activities of the course because the credit of AWS is not avaliable

By Frode P M

•

May 12, 2021

Would like to learn more about hacking

By MD. R R 1

•

May 17, 2020

I didn't understand the course because of the instructor. His talking speed doesn't smooth what makes me bored and disturbed. In the middle of the course I am dropping it due to not understanding.

By Lakshay P

•

Oct 1, 2019

course should be well arranged

By Carlos L P

•

Aug 9, 2022

Very poor concepts, themes, theories....event security design patterns (there are many full books about this theme). For example NOP ops in buffer / stack overflow exploiting are to align memory, so you could need to put more than one NOP, but in the video is like if you cannot put more. Examples in Command Injection are to basic, more than that, so the concept is as basic as the example, there are a lot of imaginative ways to do, and the same goes for SQL Injection, MITRE database is plenty full of very good examples.

I cannot loose my time with this kind of courses, i expected much more, and found just the same empty literature as in any other book or web page telling the super hacker secrets

By TITO L D G

•

Aug 25, 2020

Nada que ver..

no quiero seguir en el, les notifico que no accederé mas al mismo, si van a pedir material enseñen lo que pretenden evaluar, pero lo único que vi fue conferencias de 8 a 16 minutos y en ningún momento se dijo nada de lo que se solicita en el proyecto de la semana entre 1 y 10 les doy 4, pero solo porque el expositor hace un buen trabajo, aunque nada que ver con lo que evalúan

By Anthony M

•

Apr 20, 2020

I am not impressed with this course I must say, I do not have a credit card and I can not proceed.

By Lam W L

•

Jan 24, 2022

It must use Amazon Web Service and it require credit card.

I don't accept this terms.

By Salman A

•

May 1, 2022

It's very bad there aren't any resources available for peer assignment and learning.