The Node.js Highway - Attacks Are At Full Throttle
Offered By: OWASP Foundation via YouTube
Course Description
Overview
Explore the security landscape of Node.js in this 42-minute conference talk from AppSecEU 2015 in Amsterdam. Delve into the architecture, potential vulnerabilities, and attack vectors specific to Node.js applications. Learn about CPU-intensive code risks, web server vulnerabilities, and third-party component threats. Examine real-world examples, including random number prediction and rainbow table attacks, with a live demonstration. Investigate MongoDB security concerns, user authentication issues, and routing stack vulnerabilities. Gain insights into defending against malicious attacks and implementing proper security measures for Node.js applications.
Syllabus
Introduction
Agenda
Architecture
NoJS
CPU Intensive Code
Nodejs Web Server
ThirdParty Components
Example
Random Number Prediction
Rainbow Tables
Demo
MongoDB
Document
User Find
NoJS vs Evil
NoJS routing stack
Add method
Add page
Route stack
No tracking
Taught by
OWASP Foundation
Related Courses
Authentication & Authorization: OAuthUdacity Desarrollo de Aplicaciones Web: Seguridad
University of New Mexico via Coursera Web Application Development: Security
University of New Mexico via Coursera Hacking and Patching
University of Colorado System via Coursera Fundamentals of Computer Network Security
University of Colorado System via Coursera