This material is available with a paid subscription. Get a premium subscription and watch or listen to Web Security Essentials: MITM, CSRF, and XSS, as well as all other courses, right now!
  • Lesson 1. 00:04:18
    Course Overview: Web Security Essentials
  • Lesson 2. 00:03:02
    Simulate Man in the Middle Attacks and Inspect Network Traffic with Charles Proxy
  • Lesson 3. 00:02:34
    Add https to a Localhost Express App to Prevent MITM Attacks
  • Lesson 4. 00:02:20
    Redirect All HTTP Traffic to HTTPS in Express to Ensure All Responses are Secure
  • Lesson 5. 00:01:36
    Set the Secure Cookie Flag to Ensure Cookies are Only Sent Over Secure Connections
  • Lesson 6. 00:04:16
    Add HSTS Headers to Express Apps to Ensure All Requests are https Requests
  • Lesson 7. 00:04:02
    Create a Proof of Concept Exploit of a CSRF Vulnerable Website
  • Lesson 8. 00:02:47
    Mitigate CSRF Attacks by Setting the SameSite Cookie Flag in Express
  • Lesson 9. 00:06:13
    Add CSRF Token Middleware to an Express Server to Mitigate CSRF
  • Lesson 10. 00:03:51
    Make an XSS Payload to Read a Cookie from a Vulnerable Website
  • Lesson 11. 00:01:28
    Set the httpOnly Cookie Flag in Express to Ensure Cookies are Inaccessible from JavaScript
  • Lesson 12. 00:00:54
    Make an XSS Payload to Read document.body from a Vulnerable Website
  • Lesson 13. 00:05:31
    Prevent Inline Script Execution by Implementing Script-Src CSP Headers in Express
  • Lesson 14. 00:01:12
    Read Document Content from a Vulnerable Website via Script Tag Injection in an XSS Payload
  • Lesson 15. 00:03:08
    Add a Nonce Based script-src Header in Express to Only Allow Scripts that Match the Nonce
  • Lesson 16. 00:01:37
    Prompt Users for Credentials from a Vulnerable Website via iframe Injection
  • Lesson 17. 00:02:16
    Add a default-src CSP Header in Express to Enforce an Allowlist and Mitigate XSS