[ FreeCourseWeb.com ] Cross Site Scripting: Attack & Defense



Download More Latest Courses Visit -->> https://FreeCourseWeb.com







Genre: eLearning | MP4 | Video: h264, 1280x720 | Audio: aac, 44100 Hz

Language: English | VTT | Size: 1.21 GB | Duration: 3 hours

What you'll learn

Setup Lab Environment and test for XSS Vulnerability

Cross Site Scripting Fundamentals

How different types of Cross Site Scripting Works?

Perform Different Cross Site Scripting Attacks - Phishing, Cookie Stealing & Session Hijacking

Use Automated Scanners like Wapiti, Uniscan, OWASP ZAP, Burp Suite Pro, to find and exploit XSS and to generate a detailed report

Difference between Passive and Active Scan

Apply Security Measures

Prevent or Restrict XSS using different Defensive Solutions - Esccaping User Input, Content Security Policy, Using Appropriate Sources and Sinks, etc.

Difference between BlackListing and WhiteListing Approach

Use Filter Evasion Cheat Sheets to bypass WAFs and Firewalls, and Prevention Cheat Sheets to implement secure coding practices,and learn proper handling of untrusted data

Use different libraries and modules to add an extra security layer in web applications



Requirements

Good Knowledge of HTML and JavaScript (Basic HTML tags, JavaScript Functions)

Basic Knowledge of HTTP Client-Server Architecture (How a client sends a request and a server sends a response back to the client?)

Basic Knowledge of Linux Commands and tools (Moving a file, Copying a file, Starting Services etc.)

Optional Knowledge of Server Side Programming Language like PHP

OWASP top 10 (Not Mandatory)

Understanding of Virtualization Softwares like VMware/VirtualBox (Not Mandatory)

Description

The course is specifically designed to understand Cross Site Scripting Vulnerability with a complete Practical Hands-On Experience. This course will train the students to setup their own local penetration testing environment to practice in a safe and contained environment. The students will learn what Cross Site Scripting Vulnerability really is, and how different types of XSS works? Then they will follow an Attacking Approach to deeply understand how XSS attacks happen in real life. They will learn to use different vulnerability scanners to find XSS vulnerabilities. They will also learn to prevent and restrict XSS attacks by using methods like - Escaping User Input, Content Security Policy, etc, thus following a Defensive Approach, hence then name of the course: “Cross Site Scripting: Attack & Defense”, and last but not the least, they will learn to use different cheat sheets to evade WAFs and Firewalls, and also to prevent XSS attacks by implementing secure coding practices and proper handling of untrusted data.



Who this course is for:

CyberSecurity Enthusiasts

Bug Hunters

Web Application Penetration Testers

Web Developers

Security Researchers



SCREENSHOTS



Use Winrar to Extract. And use a shorter path when extracting, such as C: drive



ALSO ANOTHER TIP: You Can Easily Navigate Using Winrar and Rename the Too Long File/ Folder Name if Needed While You Cannot in Default Windows Explorer. You are Welcome ! :)



Download More Latest Courses Visit -->> https://FreeCourseWeb.com



Get Latest Apps Tips and Tricks -->> https://AppWikia.com



We upload these learning materials for the people from all over the world, who have the talent and motivation to sharpen their skills/ knowledge but do not have the financial support to afford the materials. If you like this content and if you are truly in a position that you can actually buy the materials, then Please, we repeat, Please, Support Authors. They Deserve it! Because always remember, without "Them", you and we won't be here having this conversation. Think about it! Peace...