Learn about the most important security concerns when developing
websites, and what you can do to keep your servers, software, and data
safe from harm. Instructor Kevin Skoglund explains what motivates
hackers and their most common methods of attack, and then details the
techniques and mindset needed to craft solutions for these web security
challenges. Learn the eight fundamental principles that underlie all
security efforts, the importance of filtering input and controlling
output, and smart strategies for encryption and user authentication.
Kevin also covers special considerations when it comes to credit cards,
regular expressions, source code managers, and databases.
This course is great for developers who want to secure their clients' websites, and for anyone else who wants to learn more about web security.
Topics include:
- Why security matters
- What is a hacker?
- How to write a security policy
- Cross-site scripting (XSS)
- Cross-site request forgery (CSRF)
- SQL injection
- Session hijacking and fixation
- Passwords and encryption
- Secure credit card payments
Table of contents
- Introduction
  - Introduction
- Security Overview
  - What is security?
  - Why security matters
  - What is a hacker?
  - Total security is unachievable
  - Get in the security mind-set
  - Write a security policy
- General Security Principles
  - Least privilege
  - Simple is more secure
  - Never trust users
  - Expect the unexpected
  - Defense in depth
  - Security through obscurity
  - Blacklisting and whitelisting
  - Map exposure points and data passageways
- Filtering Input, Controlling Output
  - Regulating requests
  - Validating input
  - Sanitizing data
  - Labeling variables
  - Keeping code private
  - Keeping credentials private
  - Keeping error messages vague
  - Smart logging
- The Most Common Attacks
  - Cross-site scripting (XSS)
  - Cross-site request forgery (CSRF)
  - SQL injection
  - URL manipulation
  - Faked requests and forms
  - Cookie visibility and theft
  - Session hijacking
  - Session fixation
  - Remote system execution
  - File-upload abuse
  - Denial of service
- Encryption and User Authentication
  - Password encryption
  - Salting passwords
  - Password requirements
  - Brute-force attacks
  - Using SSL for login
  - Protecting cookies
  - Regulating access privileges
  - Handling forgotten passwords
  - Multi-factor authentication
- Other Areas of Concern
  - Credit card payments
  - Regular expression flaws
  - Conversions and transformations
  - Buffer overflows
  - Source code managers
  - Database security
  - Server security
- Conclusion
  - Goodbye