Curriculum
14 sections, 56 lessons, 52 weeks

1. You, This Course and Us (1 lesson)
   - You, This Course and Us (2 minutes)

2. What Is Security? (2 lessons)
   - Security and its building blocks (14 minutes)
   - Security-related definitions and categories (10 minutes)

3. Cross Site Scripting (4 lessons)
   - What is XSS? (13 minutes)
   - Learn by example – how does an XSS attack work? (13 minutes)
   - Types of XSS (13 minutes)
   - XSS mitigation and prevention (11 minutes)

4. User Input Sanitization And Validation (5 lessons)
   - Sanitizing input (12 minutes)
   - Sanitizing input – still not done (8 minutes)
   - Validating input (14 minutes)
   - Validating input – some more stuff to say (9 minutes)
   - Client-side encoding, blacklisting and whitelisting inputs (7 minutes)

5. The Content Security Policy Header (4 lessons)
   - Rules for the browser (11 minutes)
   - Default directives and wildcards (9 minutes)
   - Stay away from inline code and the eval() function (8 minutes)
   - The nonce attribute and the script hash (11 minutes)

6. Credentials Management (6 lessons)
   - Broken authentication and session management (3 minutes)
   - All about passwords – strength, use and transit (5 minutes)
   - All about passwords – storage (13 minutes)
   - Learn by example – login authentication (10 minutes)
   - A little bit about hashing (11 minutes)
   - All about passwords – recovery (14 minutes)

7. Session Management (8 lessons)
   - What is a session? (6 minutes)
   - Anatomy of a session attack (7 minutes)
   - Session hijacking – count the ways (5 minutes)
   - Learn by example – sessions without cookies (15 minutes)
   - Session IDs using hidden form fields and cookies (4 minutes)
   - Session hijacking using session fixation (8 minutes)
   - Session hijacking countermeasures (4 minutes)
   - Session hijacking – sidejacking, XSS and malware (3 minutes)

8. SQL Injection (8 lessons)
   - Who Is Bobby Tables? (5 minutes)
   - Learn by example – how does SQLi work? (9 minutes)
   - Anatomy of a SQLi attack – unsanitized input and server errors (9 minutes)
   - Anatomy of a SQLi attack – table names and column names (6 minutes)
   - Anatomy of a SQLi attack – getting valid credentials for the site (5 minutes)
   - Types of SQL injection (8 minutes)
   - SQLi mitigation – parameterized queries and stored procedures (8 minutes)
   - SQLi mitigation – escaping user input, least privilege, whitelist validation (6 minutes)

9. Cross Site Request Forgery (4 lessons)
   - What is XSRF? (10 minutes)
   - Learn by example – XSRF with GET and POST parameters (7 minutes)
   - XSRF mitigation – the Referer header, the Origin header and the challenge response (6 minutes)
   - XSRF mitigation – the synchronizer token (9 minutes)

10. Lots Of Interesting Bits Of Information (3 lessons)
   - The Open Web Application Security Project (8 minutes)
   - 2-factor authentication and OTPs (11 minutes)
   - Social Engineering (9 minutes)

11. Direct Object Reference (2 lessons)
   - The direct object reference attack – do not leak implementation details (9 minutes)
   - Direct object reference mitigations (5 minutes)

12. IFrames (2 lessons)
   - IFrames come with their own security concerns (7 minutes)
   - Sandboxing iframes (9 minutes)

13. One last word (1 lesson)
   - Wrapping up the OWASP Top 10 list (8 minutes)

14. PHP and MySQL Install And Set Up (6 lessons)
   - Installing PHP (Windows) (10 minutes)
   - Enabling MySQL and using phpMyAdmin (Windows) (3 minutes)
   - Installing PHP (Mac) (12 minutes)
   - Installing MySQL (Mac) (7 minutes)
   - Using MySQL Workbench (Mac) (17 minutes)
   - Getting PHP and MySQL to talk to each other (Mac) (1 minute)
Web Security: Common Vulnerabilities And Their Mitigation