Overview
-
This course covers XSS and Javascript Remote Code Execution and CSRF and Browser Security.
Syllabus
-
- XSS and Javascript Remote Code Execution
- This course explores cross-site scripting (XSS) in JavaScript. XSS attacks are arguably the main threat against JavaScript web applications. In this course, we will cover them in detail and leave no stone unturned as we check everything about reflected, stored, DOM-based XSS. We will extensively cover CSP and trusted types.
- CSRF and Browser Security
- An exploration of cross-site request forgery, or CSRF. CSRF (cross-site request forgery) attacks can be disastrous for a website. In this course, we will learn exactly what they are and take a back-end (examples with Node.js) and front-end approach against them. Browsers have multiple security mechanisms to block certain attacks, and any web developer should have an idea of what these mechanisms are and how to use them.
