Overview
This course aims to educate JavaScript developers on the OWASP Top 10 vulnerabilities specific to JavaScript, both on the client and server sides. The course covers topics such as injection, broken authentication, access control, DOM-based cross-site scripting (XSS), and Content Security Policy (CSP). The teaching method includes a lecture-style presentation by a Senior Security Consultant, with a focus on providing remediation advice and code examples. This course is intended for JavaScript developers looking to enhance their understanding of web security and JavaScript-specific vulnerabilities.
Syllabus
Introduction
One Injection
MongoDB Example
Prevent Mongo Injection
Relational Databases
Info Prevention
Broken Authentication
Authentication
XML
Brokering Access Control
Nodejs Configuration
Execution context
DOM XSS
Framework XSS
ElementRef
Prevention
CSP
Mitigation Techniques
Taught by
OWASP Foundation