Learn how to use tools like Snyk, Dependabot, and AppSensor to examine vulnerabilities in your JavaScript applications and close the loopholes before hackers can exploit them.
Syllabus
Introduction
- Foundational JavaScript security
- What you should know
- What is ethical hacking?
- Overview of cyber kill chain
- Plan an attack strategy
- Base project setup
- Challenge: What is ethical hacking?
- Solution: What is ethical hacking?
- Reconnaissance introduction
- Introduction and setup for Snyk
- Introduction to GitHub Dependabot
- Introduction to AppSensor
- Reconnaissance applied to project
- Challenge: What is the purpose of reconnaissance?
- Solution: What is the purpose of reconnaissance?
- Injection threat
- Broken authentication
- Sensitive data
- XML external entities
- Security misconfiguration
- Insecure deserialization
- Components with known vulnerabilities
- Insufficient logging and monitoring
- Challenge: What is the best resource for top threats?
- Solution: What is the best resource for top threats?
- Injection threat resources
- Broken authentication resources
- Sensitive data exposure resources
- XML external entities resources
- Security misconfiguration resources
- Secure deserialization resources
- Challenge: What is secured deserialization?
- Solution: What is secured deserialization?
- Next steps
Taught by
Emmanuel Henri