Topics

Input Validation Mechanisms

  • Blacklisting

  • Whitelisting

Cross-Site Scripting

SQL Injection

XML External Entity Attack

Cross-Site Request Forgery

Encoding, Encryption and Hashing

Authentication-Related Vulnerabilities

  • Brute Force Attacks

  • Password Storage and Password Policy

Understanding of OWASP Top 10 Vulnerabilities

Security Best Practices and Hardening Mechanisms

  • Same Origin Policy

  • Security Headers

TLS Security

  • TLS Certificate Misconfiguration

  • Symmetric and Asymmetric Ciphers

Server-Side Request Forgery

Authorization and Session Management Related Flaws

  • Insecure Direct Object Reference (IDOR)

  • Privilege Escalation

  • Parameter Manipulation Attacks

  • Securing Cookies

Insecure File Uploads

Code Injection Vulnerabilities

Business Logic Flaws

Directory Traversal Vulnerabilities

Security Misconfigurations

Information Disclosure

Vulnerable and Outdated Components

Common Supply Chain Attacks and Prevention Methods
