web security and clever attacks, defenses, and techniques for writing secure code
- Free tutorial
- Rating: 4.7 out of 54.7 (3,992 ratings)
- 61,946 students
- 5hr of on-demand video
- Created by Daniel Arzuaga
- English
What you’ll learn
- This course is a comprehensive overview of web security. The goal is to build an understanding of the most common web attacks and their countermeasures. Given the pervasive insecurity of the modern web landscape, there is a pressing need for programmers and system designers improve their understanding of web security issues.
- We’ll be covering the fundamentals as well as the state-of-the-art in web security. Topics include: Principles of web security, attacks and countermeasures, the browser security model, web app vulnerabilities, injection, denial-of-service, TLS attacks, privacy, fingerprinting, same-origin policy, cross site scripting, authentication, JavaScript security, emerging threats, defense-in-depth, and techniques for writing secure code. Course projects include writing security exploits, defending insecure web apps, and implementing emerging web standards.
Requirements
- A computer and an enthusiasm to learning and hacking
Description
This course is a comprehensive overview of web security. The goal is to build an understanding of the most common web attacks and their countermeasures. Given the pervasive insecurity of the modern web landscape, there is a pressing need for programmers and system designers improve their understanding of web security issues.
We’ll be covering the fundamentals as well as the state-of-the-art in web security.
Topics include: Principles of web security, attacks and countermeasures, the browser security model, web app vulnerabilities, injection, denial-of-service, TLS attacks, privacy, fingerprinting, same-origin policy, cross site scripting, authentication, JavaScript security, emerging threats, defense-in-depth, and techniques for writing secure code. Course projects include writing security exploits, defending insecure web apps, and implementing emerging web standards.
Who this course is for:
- Developers interested in learning the latest in cyber security
Show less
Course content
11 sections • 11 lectures • 4h 59m total lengthCollapse all sections
INTRODUCTION, WEB PROCESSES, TASKS1 lecture • 54min
- INTRODUCTION, WEB PROCESSES, TASKS53:37
DNS ATTACKS1 lecture • 23min
- DNS ATTACKS23:06
HTTP ATTACKS1 lecture • 32min
- HTTP ATTACKS32:00
COOKIE HIGHJACKING ATTACKS1 lecture • 35min
- COOKIE HIGHJACKING ATTACKS35:13
SESSION HIGHJACKING ATTACK1 lecture • 16min
- SESSION HIGHJACKING ATTACK16:13
SAME ORIGIN POLICY INTRO1 lecture • 3min
- SAME ORIGIN POLICY INTRO03:04
SAME ORIGIN POLICY, CROSS-SITE-REQUEST-FORGERY1 lecture • 32min
- SAME ORIGIN POLICY, CROSS-SITE-REQUEST-FORGERY31:44
CROSS-SITE-SCRIPTING, XSS ATTACKS1 lecture • 29min
- CROSS-SITE-SCRIPTING, XSS ATTACKS28:59
XSS DEFENSE, CROSS-SITE-SCRIPTING1 lecture • 25min
- XSS DEFENSE, CROSS-SITE-SCRIPTING25:16
PHISHING ATTACKS, TABNABBING ATTACKS, END OF PART 1 CLIENT SIDE SECURITY1 lecture • 17min
- PHISHING ATTACKS, TABNABBING ATTACKS, END OF PART 1 CLIENT SIDE SECURITY16:43
SQL Injections, Command Injections1 lecture • 34min
- SQL Injections, Command Injections33:38
