[Owasp-Malaysia] Web Application Exploits and Defenses

Harisfazillah Jamel linuxmalaysia at gmail.com
Thu Jul 22 16:39:24 EDT 2010


http://google-gruyere.appspot.com/

Want to beat the hackers at their own game?

Learn how hackers find security vulnerabilities!
Learn how hackers exploit web applications!
Learn how to stop them!
This codelab shows how web application vulnerabilities can be
exploited and how to defend against these attacks. The best way to
learn things is by doing, so you'll get a chance to do some real
penetration testing, actually exploiting a real application.
Specifically, you'll learn the following:

How an application can be attacked using common web security
vulnerabilities, like cross-site scripting vulnerabilities (XSS) and
cross-site request forgery (XSRF).
How to find, fix, and avoid these common vulnerabilities and other
bugs that have a security impact, such as denial-of-service,
information disclosure, or remote code execution.
To get the most out of this lab, you should have some familiarity with
how a web application works (e.g., general knowledge of HTML,
templates, cookies, AJAX, etc.).


More information about the Owasp-Malaysia mailing list