YoVDO

Appsec TLDR

Offered By: YouTube

Tags

DerbyCon Courses, Application Security (AppSec) Courses, Authorization Courses, Cookies Courses, HTTP Requests Courses, Session Hijacking Courses

Course Description

Overview

Explore application security fundamentals in this 43-minute DerbyCon conference talk. Dive into web browser mechanics, HTTP requests, and URL structures. Learn to set up browser proxies, understand cookies, and analyze HTML responses. Adopt an attacker's mindset by identifying threats and objectives. Discover tips for addressing insufficient authentication and authorization, and explore common vulnerabilities like session hijacking, cross-site scripting (XSS), SQL injection, and cross-site request forgery (CSRF). Gain practical insights with examples, test strings, and attack scenarios to enhance your web application security knowledge.

Syllabus

Intro
What is this web
Browsers!
How can I see what a browser is doing?
Setting up your Browser Proxy.
What is a HTTP Request?
URL Structure
COOOKIES YOU SAY?
HTML Responses
Attacker Mentality
Who is your threat?
What do you want to get?
How will you get it?
Insufficient Authentication Tips
Insufficient Authorization
Authorization Tips & Tricks
Session Hi-Jacking (Session Fixation)
Cross Site Scripting (XSS)
XSS EXAMPLE
Common XSS Test Strings
XSS Analysis
What is SQL?
Common SQLi Uses
SQL Injection Workflow
Cross Site Request Forgery (CSRF)
CSRF Attack Scenario
Quick Bonuses

