Curriculum
14 Sections
56 Lessons
52 Weeks
You, This Course and Us
1
2.1
You, This Course and Us
2 Minutes
What Is Security?
2
3.1
Security and its building blocks
14 Minutes
3.1
Security related definitions and categories
10 Minutes
Cross Site Scripting
4
4.1
What is XSS?
13 Minutes
4.1
Learn by example – how does a XSS attack work?
13 Minutes
4.1
Types of XSS
13 Minutes
4.1
XSS mitigation and prevention
11 Minutes
User Input Sanitization And Validation
5
5.1
Sanitizing input
12 Minutes
5.1
Sanitizing input – still not done
8 Minutes
5.1
Validating input
14 Minutes
5.1
Validating input – some more stuff to say
9 Minutes
5.1
Client Side Encoding, Blacklisting and Whitelisting inputs
7 Minutes
The Content Security Policy Header
4
6.1
Rules for the browser
11 Minutes
6.1
Default directives and wildcards
9 Minutes
6.1
Stay away from inline code and the eval() function
8 Minutes
6.1
The nonce attribute and the script hash
11 Minutes
Credentials Management
6
7.1
Broken authentication and session management
3 Minutes
7.1
All about passwords – Strength, Use and Transit
5 Minutes
7.1
All about passwords – Storage
13 Minutes
7.1
Learn by example – login authentication
10 Minutes
7.1
A little bit about hashing
11 Minutes
7.1
All about passwords – Recovery
14 Minutes
Session Management
8
8.1
What is a session?
6 Minutes
8.1
Anatomy of a session attack
7 Minutes
8.1
Session hijacking – count the ways
5 Minutes
8.1
Learn by example – sessions without cookies
15 Minutes
8.1
Session ids using hidden form fields and cookies
4 Minutes
8.1
Session hijacking using session fixation
8 Minutes
8.1
Session hijacking counter measures
4 Minutes
8.1
Session hijacking – sidejacking, XSS and malware
3 Minutes
SQL Injection
8
9.1
Who Is Bobby Tables?
5 Minutes
9.1
Learn by example – how does SQLi work?
9 Minutes
9.1
Anatomy of a SQLi attack – unsanitized input and server errors
9 Minutes
9.1
Anatomy of a SQLi attack – table names and column names
6 Minutes
9.1
Anatomy of a SQLi attack – getting valid credentials for the site
5 Minutes
9.1
Types of SQL injection
8 Minutes
9.1
SQLi mitigation – parameterized queries and stored procedures
8 Minutes
9.1
SQLi mitigation – Escaping user input, least privilege, whitelist validation
6 Minutes
Cross Site Request Forgery
4
10.1
What is XSRF?
10 Minutes
10.1
Learn by example – XSRF with GET and POST parameters
7 Minutes
10.1
XSRF mitigation – The referer, origin header and the challenge response
6 Minutes
10.1
XSRF mitigation – The synchronizer token
9 Minutes
Lots Of Interesting Bits Of Information
3
11.1
The Open Web Application Security Project Preview
8 Minutes
11.1
2 factor authentications and OTPs
11 Minutes
11.1
Social Engineering
9 Minutes
Direct Object Reference
2
12.1
The direct object reference attack – do not leak implementation details
9 Minutes
12.1
Direct object reference mitigations
5 Minutes
IFrames
2
13.1
IFrames come with their own security concerns
7 Minutes
13.1
Sandboxing iframes
9 Minutes
One last word
1
14.1
Wrapping up the OWASP top 10 list
8 Minutes
PHP and MySQL Install And Set Up
6
15.1
Installing PHP (Windows)
10 Minutes
15.1
Enabling MySQL and using phpmyadmin (Windows)
3 Minutes
15.1
Installing PHP (Mac)
12 Minutes
15.1
Installing MySQL (Mac)
7 Minutes
15.1
Using MySQL Workbench (Mac)
17 Minutes
15.1
Getting PHP and MySQL to talk to each other (Mac)
1 Minute
Web Security: Common Vulnerabilities And Their Mitigation
Security related definitions and categories
https://dwnk32xmy75f1.cloudfront.net/wp-content/uploads/20180824064917/WS_3.mp4