egghead
Проект egghead.io представляет огромный выбор курсов и скринкастов для разработчиков любого уровня и профессии.
Этот материал находится в платной подписке. Оформи премиум подписку и смотри или слушай
Web Security Essentials: MITM, CSRF, and XSS,
а также все другие курсы, прямо сейчас!
Премиум
-
Урок 1. 00:04:18Course Overview: Web Security Essentials
-
Урок 2. 00:03:02Simulate Man in the Middle Attacks and Inspect Network Traffic with Charles Proxy
-
Урок 3. 00:02:34Add https to a Localhost Express App to Prevent MITM Attacks
-
Урок 4. 00:02:20Redirect All HTTP Traffic to HTTPS in Express to Ensure All Responses are Secure
-
Урок 5. 00:01:36Set the Secure Cookie Flag to Ensure Cookies are Only Sent Over Secure Connections
-
Урок 6. 00:04:16Add HSTS Headers to Express Apps to Ensure All Requests are https Requests
-
Урок 7. 00:04:02Create a Proof of Concept Exploit of a CSRF Vulnerable Website
-
Урок 8. 00:02:47Mitigate CSRF Attacks by Setting the SameSite Cookie Flag in Express
-
Урок 9. 00:06:13Add CSRF Token Middleware to an Express Server to Mitigate CSRF
-
Урок 10. 00:03:51Make an XSS Payload to Read a Cookie from a Vulnerable Website
-
Урок 11. 00:01:28Set the httpOnly Cookie Flag in Express to Ensure Cookies are Inaccessible from JavaScript
-
Урок 12. 00:00:54Make an XSS Payload to Read document.body from a Vulnerable Website
-
Урок 13. 00:05:31Prevent Inline Script Execution by Implementing Script-Src CSP Headers in Express
-
Урок 14. 00:01:12Read Document Content from a Vulnerable Website via Script Tag Injection in an XSS Payload
-
Урок 15. 00:03:08Add a Nonce Based script-src Header in Express to Only Allow Scripts that Match the Nonce
-
Урок 16. 00:01:37Prompt Users for Credentials from a Vulnerable Website via iframe Injection
-
Урок 17. 00:02:16Add a default-src CSP Header in Express to Enforce an Allowlist and Mitigate XSS
