Secure Programming of Web Applications for Developers and TPMs - Session-Hijacking
This is only an abridged excerpt from the course "Secure Programming of Web Applications for Developers and TPMs".
Chapters
Number | Title | Length |
---|---|---|
Start | | |
1 | Introduction and Motivation (Full preview available) | 2 min |
2 | Well-known Vulnerabilities Overview (Full preview available) | 2 min |
3 | Causes & Background | 9 min |
4 | Secure Programming in general | 3 min |
5 | BankBoard Intro – A vulnerable Java Web Application | 3 min |
6 | Code/Command Injection | 3 min |
7 | (No)SQL Code Injection (Full preview available) | 4 min |
8 | DEMO: BankBoard SQL Code Injection (Full preview available) | 2 min |
9 | Cross-Site Request Forgery (CSRF) | 5 min |
10 | DEMO: CSRF | 2 min |
11 | Cross-Site Scripting (XSS) | 5 min |
12 | DEMO: Simple XSS | 2 min |
13 | Open Redirection | 4 min |
14 | File Inclusion / Directory Traversal | 4 min |
15 | Clickjacking | 4 min |
16 | Session-Hijacking | 7 min |
17 | DEMO: XSS with Session-Hijacking | 2 min |
18 | Information Disclosure | 3 min |
19 | Authentication | 7 min |
20 | Denial of Service | 4 min |
21 | Middleware | 1 min |
22 | Third-Party Software | 1 min |
23 | Conclusion & Summary | 3 min |
A1 | [Appendix] Java Coding Example - Secure Password Hashing/PBKDF2 | 18 min |
Course Assessment | | |