YoVDO

Beyond OWASP Top 10 by Aaron Hnatiw - Hack in Paris - 2017

Offered By: Hack in Paris via YouTube

Tags

Hack in Paris Courses Penetration Testing Courses Regular Expressions Courses Web Application Security Courses Vulnerability Testing Courses

Course Description

Overview

Explore five dangerous web application vulnerabilities beyond the OWASP Top 10 in this 45-minute conference talk from Hack in Paris 2017. Delve into the intricacies of Output Encoding, Regular Expressions, Server Side Request Forgery, and more, as Aaron Hnatiw provides both exploitation techniques and mitigation strategies for each vulnerability. Learn how these lesser-known security risks can impact web applications and gain valuable insights for developers and pentesters alike. Discover practical testing methods, defense mechanisms, and the importance of protocol whitelisting to enhance your web application security knowledge beyond standard categorizations.

Syllabus

Intro
What is Top 10
Coverage
CWE
Vulnerability Testing
Output Encoding
Regular Expressions
Server Side Request forgery
Bypass firewalls
Google Digg vulnerability
How to test for serverside request forgery
How to defend against serverside request forgery
Whitelisting protocols
Review


Taught by

Hack in Paris

Related Courses

Network Security
Georgia Institute of Technology via Udacity Proactive Computer Security
University of Colorado System via Coursera Identifying, Monitoring, and Analyzing Risk and Incident Response and Recovery
(ISC)² via Coursera Hacker101
HackerOne via Independent CNIT 127: Exploit Development
CNIT - City College of San Francisco via Independent