• Find
    Great Courses
  • Create
    a Course
  • About
  • Blog
  • Help
  • Login
  • Home
    • › Learn › Web Application Security study group
course image

Overview of vulnerabilities and defenses for web developers.

There are many potential vulnerabilities when it comes to web development. We'll do hand-ons exercices with some of the more popular and understand how to defend against exploits.

This will be language/framework agnostic but if code does appear it will probably be: JavaScript, Python, Java or PHP.

See the "Full Description" for the lesson plan.

Web Image: Some rights reserved by Marcelo Tourne

Tags

  • programming
  • security
  • web
  • web development
View Full Description
  • School of Webcraft

    WEBCRAFT
  • Archived
  • Runs Sept. 19, 2011 to Nov. 21, 2011
  • Kind
    Study Group
  • Signup
    Moderated signup
  • Chat
    #p2pu-255-web-applic
  • Updates
    92
  • Organizers
    2
  • Participants
    19
  • Followers
    41
See All »

People


Jessica Ledbetter (organizer) Vladimir Támara Patiño (organizer) triketora (participant) chris (participant) djunia (participant) tfdiehl (participant) shan (participant) micklweiss (participant) VV SS (participant) Kim (participant) hSummer (participant) fatima (participant) Pat (participant) gotim (participant) wildcat (participant) Rahul Prasad (participant) S (participant) udothehokeypokey (participant) Seye Kuyinu (participant) mcarrano (participant) Joe (participant) AJC (follower) Saurabh Banka (follower) Julio Cesar (follower) Ursula (follower) kel (follower) Saipan (follower) Facu (follower) fretwiz (follower) Mike (follower) poindexterc (follower) Jonny Power (follower) Nashville (follower) Eddy (follower) Robert Rivera (follower) maical (follower) Mr.adult930 (follower) Sharon (follower) Liina (follower) Italo Adler (follower) Miguel Angel García Ramírez (follower) bright_day (follower) slothy (follower) Raja Nakka (follower) Dave Summers (follower) mah431 (follower) Andrew Coy (follower) CTomezsko (follower) Arkad (follower) sakhi sajjad (follower) krishnakumar (follower) nofiardipiliang (follower) Robert Steve (follower) Adam Collado (follower) shmulik (follower) trekr5 (follower) Merab Tevdorashvili (follower) BoydS (follower) poncho (follower) jonatan moreno (follower) Usman Bashir (follower) mannyagb (follower)

Tasks


  • Introduction, Tools, and HTTP Basics
  • Access Control Flaws
  • AJAX Security
  • Authetntication Flaws
  • Cross-site scripting (XSS)
  • Injection Flaws
  • Parameter Tampering
  • Session management flaws
  • Final project. Find flaws in an open source web application

External Links


  • Practice by exploiting a python application
  • Lessons plans with WebGoat
  • Practice with several challenges in different languages
  • PHP version of Webgoat
    Robert Steve
    Robert Steve at Web Application Security
    started following Web Application Security study group.
    09 Dec 2011 via courses.p2pu.org

P2PU Schools:
School of Social Innovation

SOCIAL INNOVATION
School of the Mathematical Future

MATHEMATICAL FUTURE
School of Webcraft

WEBCRAFT
School of Ed

SCHOOL OF EDUCATION
School of Open

SCHOOL OF OPEN

What is P2PU?

The Peer 2 Peer University is a grassroots open education project that organizes learning outside of institutional walls and gives learners recognition for their achievements. P2PU creates a model for lifelong learning alongside traditional formal higher education. Leveraging the internet and educational materials openly available online, P2PU enables high-quality low-cost education opportunities.

Connect With Us

  • FacebookF
  • TwitterT
  • Get Involved
  • Blog
  • Send us an email

Some of Our Supporters

William and Flora Hewlett Foundation Shuttleworth Foundation View all of our supporters
globe icon
  • English
  • Nederlands
  • 中文
  • Español
  • Svenska
  • עברית
  • 한국의
  • (more)
  • Help
  • About P2PU
  • Forum
  • Found a Bug?
  • Creative Commons
  • Share-Alike
  • Privacy Guidelines
  • Terms of Use
CC Icons