This course introduces students to web security and provides techniques for building secure web applications. In addition, it covers secure web programming concepts, web vulnerabilities and their exploitation, web browser design flaws, and some advanced web privacy topics.
Undergraduate 132 CRs
Malcolm Mcdonald, Web Security for Developers, No Starch Press
| content serial | Description |
|---|
| 1 | Course Aim, Course outline, and introduction to web security |
| 2 | How the Internet works |
| 3 | How browsers work, HTTPS and its limitations |
| 4 | What are the latest emerging attacks facing the Internet? |
| 5 | Static and dynamic resources and tools critical in solving common web vulnerabilities. |
| 6 | 7th week Assessment |
| 7 | Same origin policy and web attacker model. Injection flaws and Cross-site scripting |
| 8 | Injection Flaws (II): XSS (contd.), SQL Injection, OS Command Injection, HTTP Header Injection |
| 9 | Authentication flaws and request authentication flaws |
| 10 | Insecure Web Logic: Logic Flaws, HTTP Pollution, HTTP Parameter Tampering |
| 11 | Cookie Flaws and Server Misconfiguration |
| 12 | 12th week Assessment |
| 13 | Attacks on User Interfaces |
| 14 | New web security defence techniques |
| 15 | Projects Presentations |
Start your application
