nerdschoolbergen/introduction-to-web-security

Introduction To Web Security

This workshop will help you understand how to think about security when building kick-ass stuff that runs on the internet.

Focus of this lesson

The purpose of this lesson is to give you a brief introduction to how you should think about security when developing your own stuff. We have prepared a vulnerable web application which you will run on your own PC. Through the various exercises we will go through many of the top web security problems and demonstrate each problem in our vulnerable application.

What you need

Prerequisites

  • Some knowledge about web app development and basic web technologies like HTML and HTTP is helpful

How to get started

  • Start by cloning this repository into a folder on your computer. If you've never used git before, you can alternatively use the "Download ZIP" button to the right.
  • Although you have this README file on your computer it's easier to read it on GitHub, so we recommend you keep this page open with the exercise tasks.

About the vulnerable application

This is an application that is written with the worst possible practices. Do not use anything here as an example for anything.

You can assume that you have access to the application source code, but not its data when you are exploiting the vulnerabilities.

You might find vulnerabilities that are not specified. Feel free to be creative in your exploitive adventures.

Exercises

This repository contains a set of exercises organized in folders. Each folder contains a README.md describing the exercise.

Symbols and notation used in exercises

Icons with special meaning

✏️ - A task you should do
📖 - A section of text to read (no tasks, just information).
💡 - Additional information.
❗ - Something important.
❓ - Open-ended question for the reader ("What do you think would happen if...")
💩 - Bad practice (don't-do-this)
⭐ - A bonus task (not required)

Keyboard keys

Will look like this:

CTRL + ALT + C

Diff blocks

Emphasizes how lines of text should change.

- this text was removed
+ and replaced with this text
