1. Lesson 1. 00:04:18
    Course Overview: Web Security Essentials
  2. Lesson 2. 00:03:02
    Simulate Man in the Middle Attacks and Inspect Network Traffic with Charles Proxy
  3. Lesson 3. 00:02:34
    Add https to a Localhost Express App to Prevent MITM Attacks
  4. Lesson 4. 00:02:20
    Redirect All HTTP Traffic to HTTPS in Express to Ensure All Responses are Secure
  5. Lesson 5. 00:01:36
    Set the Secure Cookie Flag to Ensure Cookies are Only Sent Over Secure Connections
  6. Lesson 6. 00:04:16
    Add HSTS Headers to Express Apps to Ensure All Requests are https Requests
  7. Lesson 7. 00:04:02
    Create a Proof of Concept Exploit of a CSRF Vulnerable Website
  8. Lesson 8. 00:02:47
    Mitigate CSRF Attacks by Setting the SameSite Cookie Flag in Express
  9. Lesson 9. 00:06:13
    Add CSRF Token Middleware to an Express Server to Mitigate CSRF
  10. Lesson 10. 00:03:51
    Make an XSS Payload to Read a Cookie from a Vulnerable Website
  11. Lesson 11. 00:01:28
    Set the httpOnly Cookie Flag in Express to Ensure Cookies are Inaccessible from JavaScript
  12. Lesson 12. 00:00:54
    Make an XSS Payload to Read document.body from a Vulnerable Website
  13. Lesson 13. 00:05:31
    Prevent Inline Script Execution by Implementing Script-Src CSP Headers in Express
  14. Lesson 14. 00:01:12
    Read Document Content from a Vulnerable Website via Script Tag Injection in an XSS Payload
  15. Lesson 15. 00:03:08
    Add a Nonce Based script-src Header in Express to Only Allow Scripts that Match the Nonce
  16. Lesson 16. 00:01:37
    Prompt Users for Credentials from a Vulnerable Website via iframe Injection
  17. Lesson 17. 00:02:16
    Add a default-src CSP Header in Express to Enforce an Allowlist and Mitigate XSS