Faculty of Information Security - course 124,500 rubles. from GeekBrains, training 12 months, Date: June 10, 2023.

Our program is one of the most voluminous and comprehensive. At the same time, it is easy to understand because knowledge is given gradually: from basic to advanced tools.
Web application security. A basic level of
Courses
Gain the basic skills necessary for a high-quality understanding of the material in subsequent quarters. Learn the basics of using the Linux command line and the basics of Python programming to help automate tasks. Consider the main components that make up the web: URL, HTTP, HTML, JavaScript, Same Origin Policy and others.
Student introductory course
How to study effectively. Video course from GeekUniversity methodologists
• Features of studying at Geek University
• Why is it hard to study?
• Tools for self-education
• Learning from competencies
• Features of adult learning
• Setting SMART goals
• How to formulate an educational request
Linux. Work station
• Introduction. OS installation
• Setting up and familiarizing yourself with the command line interface
• Users. Managing users and groups

• OS loading and processes
• Linux file system device. Concept of File and Directory
• Introduction to bash scripts. crontab and at task schedulers
• Manage packages and repositories. Network Security Basics
• Introduction to docker
Python Basics
• Introduction to Python
• Built-in types and operations with them
• Functions
• Useful tools
• Working with files
• Object-oriented programming
• OOP. Advanced level
• OOP. Useful additions
Web technologies: vulnerabilities and security. Interactive course
• Introduction to the web
• URL
• HTTP
• HTML and CSS
• JavaScript
• Browsers: security concepts
• Same Origin Policy
• Modern ClientSide technologies and other web technologies
Web application security. Advanced level
Courses
Learn the general approach to testing web applications. Consider the stages of reconnaissance and search for vulnerabilities, typical vulnerabilities of the server and client parts of web applications. At the end of the quarter, you will understand how some of the most critical and interesting web vulnerabilities work (SSRF, XXE, SQLi, authentication bypass, and others).
Web Application Backend Security: Part 1
• Methodologies for searching for vulnerabilities
• Pentest and Bug Bounty
• Intelligence service
• Exploration 2.0
• Security misconfiguration
• Inclusion
• Remote Code Execution
• Non-RCE vulnerabilities
Web Application Client-side Security
• What is XSS
• XSS Contexts
• XSS classification
• XSS Exploitation
• WAF bypass:
• CSRF
• Content-Security-Policy
• Other vulnerabilities on the client
Web Application Backend Security: Part 2. Interactive course
• Introduction to server-side vulnerabilities
• SSRF
•XXE
• SQLi
• Authentication Mechanisms
• IDOR and CRLF
• LDAP injection
• OAuth 2.0 protocol
Binary Application Security
Courses
Learn about the internal structure of binary applications for various architectures and binary vulnerabilities. Gain experience working with disassemblers and debuggers. Get acquainted with utilities that allow you to automate the search for errors.
Reverse engineering
• Webinar “Introduction to the course”
• Video lesson “Introduction to Assembly Language”
• Video tutorial “Analysis of PE files”
• Webinar “Consultation”
• Video tutorial “Reverse engineering using OllyDbg”
• Video tutorial “Ways to bypass program activation”
• Webinar “Consultation”
• Video lesson “Anti-debugging techniques”
• Video lesson “Reverse engineering of programs with x64 architecture”
• Video tutorial “Searching for vulnerabilities”
• Webinar “Consultation”
Binary vulnerabilities
• Webinar “Introduction to the course”
• Video tutorial 1. Basic knowledge
• Webinar “Consultation”
• Video tutorial 2. Stack Overflow
• Video tutorial 3. Heap overflow
• Video tutorial 4. Format string vulnerability
• Video tutorial 5. Integer overflow
• Webinar “Consultation”
• Video tutorial 6. "Library Return Attack"
• Video tutorial 7. "Internal structure of the shellcode"
• Video lesson 8. “Searching for binary vulnerabilities”
• Webinar “Consultation”
Network Security and Cryptography
Courses
Learn to protect information: learn about the design of network protocols, be able to analyze intercepted traffic, and understand the vulnerabilities of Wi-Fi, Bluetooth and GSM. Learn to work with cryptographic libraries and be able to attack cryptographic schemes.
Computer networks. Interactive course
• Introduction to Computer Networks
• Ethernet. Physical layer
• Ethernet. Data Link Layer
• Network layer. Ch. 1. Classful addressing
• Network layer. Ch. 2. Classless addressing
• Network layer. Ch. 3. Dynamic routing
• Transport layer
• NAT technology
• Transport protocols
• Application protocols
Security of wired and wireless networks
• Introduction to network traffic analysis
• Passive network attacks
• Active network attacks
• OpenVas vulnerability scanner
• Metasploit Framework
• Wi-Fi security and vulnerability
• Bluetooth security
• GSM security
Cryptography. Interactive course
• Introduction to the course
• Symmetric cryptography
• Cryptographic hash functions
• Message Authentication Code
• Asymmetric cryptography and other topics
Items with individual start date selection
Courses
You can create part of the schedule yourself and adjust the intensity of training.
Preparing for an interview as an information security specialist
• How to take the path of a job seeker in the field of information security and what can come of it
• Basic standards, requirements, legal and regulatory provisions. Guiding Documents
• Basic standards, requirements, provisions of international legislation. Best practice
• Information systems for ensuring information security and means of protection. Part 1
• Information systems for ensuring information security and means of protection. Part 2
• Information systems for ensuring information security and means of protection. Part 3
• IT innovations in business. Models, types, systems. Vulnerabilities, security approaches and analytics
• DevSecOps. The role of an information security expert in cross-functional interaction
How can a GeekUniversity student find his first job?
• How to write a resume that will definitely get noticed
• We create a job search map
• Why are cover letters needed?
• What to expect at the interview with HR
Additional courses from partner companies
Courses
Leading technology companies in Russia participate in the development and delivery of training. You will learn more about the technologies and tools used by real businesses to create IT products.
Information security audit
Standards, methods and tools used in information security audits
Log collection systems
Using ELK, syslog/rsyslog, sentry tools. Collecting logs in a microservice environment
Protection of personal data (152-FZ)
Protection of personal information
Web Security
The course provides an overview of common attacks and shows key security measures for modern web applications.