YoVDO

Modern Web Vulnerabilities 2020

Offered By: NDC Conferences via YouTube

Tags

NDC Conferences Courses Web Application Security Courses Insecure Deserialization Courses HTTP Request Smuggling Courses

Course Description

Overview

Save Big on Coursera Plus. 7,000+ courses at $160 off. Limited Time Only!
Explore modern web vulnerabilities in this comprehensive conference talk from NDC Security. Delve into the evolution of lesser-known web application vulnerabilities that have gained prominence through bug bounty programs since 2018. Examine recurring issues and newly surfaced vulnerabilities, complete with live demonstrations. Gain insights into the causes of these bugs, learn detection techniques, and discover effective mitigation strategies. Cover topics such as insecure deserialization, server-side request forgery, edge side includes, JavaScript prototype pollution, API vulnerabilities, and HTTP request smuggling. Enhance your understanding of web security challenges and equip yourself with the knowledge to identify and eliminate these threats in your applications.

Syllabus

Intro
NDC Security 2018
Insecure Deserialization
SSRF - Server Side Request Forgery
Edge Side Includes
Reverse proxy with caching
Dangers of ESI Injection
Finding and stopping ESI injection
JavaScript prototypes
Example: Logger definition
Exploring prototypes
Prototypes are mutable!
Common JavaScript patterns
Attack vectors
Avoiding prototype pollution attacks
Common API Problems
Classic HTTP Request smuggling
Detection and protection


Taught by

NDC Conferences

Related Courses

Health Informatics: Data and Interoperability Standards
Georgia Institute of Technology via edX Observability with OpenTelemetry and Grafana
Pluralsight Overcoming Imposter Syndrome
Pluralsight 0-60 in the .NET Framework - Software Development for Formula 1
NDC Conferences via YouTube Testing - Is This Thing On(line)? Meet Your New Microsoft Testing Tools
NDC Conferences via YouTube