Beyond OWASP Top 10 by Aaron Hnatiw - Hack in Paris - 2017
Offered By: Hack in Paris via YouTube
Course Description
Overview
Explore five dangerous web application vulnerabilities beyond the OWASP Top 10 in this 45-minute conference talk from Hack in Paris 2017. Delve into the intricacies of Output Encoding, Regular Expressions, Server Side Request Forgery, and more, as Aaron Hnatiw provides both exploitation techniques and mitigation strategies for each vulnerability. Learn how these lesser-known security risks can impact web applications and gain valuable insights for developers and pentesters alike. Discover practical testing methods, defense mechanisms, and the importance of protocol whitelisting to enhance your web application security knowledge beyond standard categorizations.
Syllabus
Intro
What is Top 10
Coverage
CWE
Vulnerability Testing
Output Encoding
Regular Expressions
Server Side Request forgery
Bypass firewalls
Google Digg vulnerability
How to test for serverside request forgery
How to defend against serverside request forgery
Whitelisting protocols
Review
Taught by
Hack in Paris
Related Courses
Design of Computer ProgramsStanford University via Udacity Programming Languages
University of Virginia via Udacity Data Structures and Performance
University of California, San Diego via Coursera Introducción a Data Science: Programación Estadística con R
Universidad Nacional Autónoma de México via Coursera Applied Text Mining in Python
University of Michigan via Coursera