3000+ Courses from California Community Colleges

Class Central is learner-supported. When you buy through links on our site, we may earn an affiliate commission.

YouTube

Basic Web Applications Security

code::dive conference via YouTube

Start learning Write review

Overview

Explore basic web application security vulnerabilities and their prevention in this code::dive 2018 conference talk. Dive into SQL Injection, Cross-Site Scripting (XSS), and Cross-Site Request Forgery (CSRF) through live demonstrations and real-world examples. Learn how to detect, exploit, and fix these common security issues using a Java-based web application built with Spring Boot. Witness practical hacking techniques, including authentication bypass, database content retrieval, session hijacking, and unauthorized actions. Gain insights into effective protection methods such as parameter binding, encoding, and double submit cookies. Suitable for developers with basic programming knowledge in any language, this hands-on lecture provides essential skills for building more secure web applications.

Syllabus

Intro
SQL Injection: Did you know?
SQL Injection: Bypassing authentication
SQL Injection: Retrieving sensitive data
SQL Injection Protection
Parameters Binding: How does it work?
SQL Injection: Summary
Cross-Site Scripting (XSS)
Reflected XSS
XSS Payloads
XSS Protection: Encoding
XSS Example: Safari Books
XSS: Summary
Cross-Site Request Forgery (CSRF)
CSRF Example
CSRF Prevention: Double submit cookie
CSRF: Summary

Taught by

code::dive conference

Reviews

Start your review of Basic Web Applications Security

Start learning

Never Stop Learning.

Get personalized course recommendations, track subjects and courses with reminders, and more.

Sign up for free
Someone learning on their laptop while sitting on the floor.