Offensive Perspective - OWASP Security for Developers

Develop ”Out-of-box” thinking related to web secure codin and see security from offensive perspective

4.45 (255 reviews)
Udemy
platform
English
language
Network & Security
category
Gabriel Avramescu
instructor
Offensive Perspective - OWASP Security for Developers
820
students
4.5 hours
content
Apr 2023
last update
$74.99
regular price

What you will learn

Best practices when it comes to secure coding for web developers

OWASP Top 10 Web vulnerabilities

"Out-of-box thinking" when it comes to exploiting certain vulnerabilities

Learn certain tools and frameworks for offensive perspective

Why take this course?

You will learn to protect your web application by attacking it, by performing penetration testing on it. This course is rather theoretical with only some labs and demos.


Objectives

  • Develop ”Out-of-box” thinking

  • See security from an offensive perspective

  • Learn best security practices and (most and less) common attacks

  • Learn to defend your applications and infrastructure

Topics

  • Overview of Web Penetration Testing

  • OWASP Top Ten Web Vulnerabilities

  • API Top Ten vulnerabilities

  • HTTP Security Headers

  • JSON Web Tokens

  • Technical measures and best practices

  • Cryptography

Overview of Web Penetration Testing

  • Core problems

  • Web Technologies basics

  • Security Audit vs Vulnerability Assessment vs Pentest

  • Information Gathering

  • Scanning and Enumeration

  • Mapping the target surface

  • Attacking Users. Cross Site Scripting

  • Attacking the Server

  • Attacking Authentication

  • Attacking Data Stores

Top 10 API Security Vulnerabilities

  • API Vulnerabilities

  • Examples of vulnerabilities found in publicly accessible applications

OWASP Top Ten Web Vulnerabilities

  • A1: Injection

  • A2 – Broken Authentication and Session Management

  • A3 – Cross-Site Scripting (XSS)

  • A4 – Insecure Direct Object References

  • A5 – Security Misconfiguration

  • A6 – Sensitive data Exposure

  • A7 – Missing Function Level Access Control

  • A8 – Cross-Site Request Forgery (CSRF)

  • A9 – Using Components with Known Vulnerabilities

  • A10 – Unvalidated Redirects and Forwards

  • New Addition in OWASP TOP 10 - 2017

  • A4 - XML External entities (XXE)

  • A5 – Broken Access Control

  • A8 – Insecure Deserialization

  • A10 - Insufficient Logging & Monitoring

  • New additions in 2021

  • Common Vulnerabilities: XSS, SQL Injection, CSRF, XXE, LFI

HTTP Security Headers

  • Understand HTTP Security Tokens and their role

  • HSTS - Strict-Transport-Security

  • CSP - Content-Security-Policy

  • CORS

  • X-Frame-Options

  • X-XSS-Protection

  • X-Content-Type-Options

  • Referrer-Policy

  • Cookie flags: HTTPOnly, Secure

JSON Web Tokens

  • Understanding JSON WEB TOKENS

  • Token Structure

  • When can you use JWT

  • Issues

  • What is JWT good for?

  • Best Practices for JSON Web Tokens

Technical measures and best practices

  • Input Validation

  • Encoding

  • Bind Parameters for Database Queries

  • Protect Data in Transit

  • Hash and Salt Your Users' Passwords

  • Encrypt Data at Rest

  • Logging - Best practices

  • Authenticate Users Safely

  • Protect User Sessions

  • Authorize Actions

Cryptography

  • Cryptographic concepts

  • Algorithms

  • Cryptography and cryptanalysis tools

  • Cryptography attacks

Screenshots

Offensive Perspective - OWASP Security for Developers - Screenshot_01Offensive Perspective - OWASP Security for Developers - Screenshot_02Offensive Perspective - OWASP Security for Developers - Screenshot_03Offensive Perspective - OWASP Security for Developers - Screenshot_04

Reviews

Abigél
September 6, 2023
This is a great course. It explains all subjects in detail and in very easy form so anyone can understand it regardless of their experience.
Karina
September 5, 2023
Excellent course with an instructor whos got an eye for attention to detail and cares for his students.
Gerald
September 4, 2023
A really well done course! I'm always looking to fill in the gaps, learn new tools, and learn new techniques
Tatjana
September 4, 2023
I am very beginner about software security and this course gives me much knowledge about web application security.
Agnes
July 24, 2023
Very valuable and learned a lot! Clear and effective. I hope this course will give me complete knowledge about OWASP security for developers by this trainer.
Tommye
July 24, 2023
The way this Offensive Perspective course was organized was incredibly enjoyable. Excellent delivery by the teacher! It helped me comprehend the OWASP foundation concept and was educational.
Gabriela
July 23, 2023
The course is packed with resources that students may use in the workplace and reference material to deepen their comprehension.
Karen
July 23, 2023
This course is loaded with knowledge and covers all the details needed to get the job done. Each step can be followed using some general knowledge of OWASP security for developers.
Jennifer
July 22, 2023
I now feel that I understand enough about OWASP to continue learning on my own. This is the beginning, not the end of the journey.
Angelica
July 22, 2023
Since I am a complete rookie at Offensive Perspective, this course has taught me a lot about security for developers. Additionally, the lecturer gave students a ton of reading materials on each subject.
Marigold
July 21, 2023
Despite the fact that I know nothing about software security, this course has taught me a lot about OWASP Security. Students also received a ton of reading material on each subject from the lecturer.
Matthew
July 20, 2023
If you are really interested to understand what OWASP Security for Developers is and interested to work in the OWASP Security jobs you were looking for. I would recommend this course absolutely.
Laura
July 20, 2023
Learned about every important threats and how to prevent the threats which can be dangerous for our web applications and datas.
Prisca
July 20, 2023
Well explained. I am completely new to the OWASP Security for Developers sector without anyone who can Guide me but because of this mentor, now I am able to handle it smoothly. Great guidance and well explained.
Nicoleta
April 6, 2023
I cannot express how great the instructor was and the overall content of the material. I would definitely recommend this to my co-workers as well as friends. I will be looking into taking more of these in the near future. Thank you, Gabriel Avramescu!

Charts

Price

Offensive Perspective - OWASP Security for Developers - Price chart

Rating

Offensive Perspective - OWASP Security for Developers - Ratings chart

Enrollment distribution

Offensive Perspective - OWASP Security for Developers - Distribution chart

Related Topics

Penetration Testing
OWASP
Red Team Offensive Security
5250344
udemy ID
4/3/2023
course created date
4/7/2023
course indexed date
Bot
course submited by