The Node.js Highway - Attacks Are At Full Throttle
Offered By: OWASP Foundation via YouTube
Course Description
Overview
Explore the security landscape of Node.js in this 42-minute conference talk from AppSecEU 2015 in Amsterdam. Delve into the architecture, potential vulnerabilities, and attack vectors specific to Node.js applications. Learn about CPU-intensive code risks, web server vulnerabilities, and third-party component threats. Examine real-world examples, including random number prediction and rainbow table attacks, with a live demonstration. Investigate MongoDB security concerns, user authentication issues, and routing stack vulnerabilities. Gain insights into defending against malicious attacks and implementing proper security measures for Node.js applications.
Syllabus
Introduction
Agenda
Architecture
NoJS
CPU Intensive Code
Nodejs Web Server
ThirdParty Components
Example
Random Number Prediction
Rainbow Tables
Demo
MongoDB
Document
User Find
NoJS vs Evil
NoJS routing stack
Add method
Add page
Route stack
No tracking
Taught by
OWASP Foundation
Related Courses
Building Geospatial Apps on Postgres, PostGIS, & Citus at Large ScaleMicrosoft via YouTube Unlocking the Power of ML for Your JavaScript Applications with TensorFlow.js
TensorFlow via YouTube Managing the Reactive World with RxJava - Jake Wharton
ChariotSolutions via YouTube What's New in Grails 2.0
ChariotSolutions via YouTube Performance Analysis of Apache Spark and Presto in Cloud Environments
Databricks via YouTube