Course Details

Previous Page


OWASP A8 and A3: Cross-site Attacks


Overview/Description
Target Audience
Prerequisites
Expected Duration
Lesson Objectives
Course Number


Overview/Description
OWASP Top 10 list items 8 and 3 include cross-site attacks, which are very common exploits in modern web applications.

Target Audience
Individuals who wish to increase their knowledge in the field of web application security and common exploits used against web applications

Prerequisites
None

Expected Duration (hours)
0.9

Lesson Objectives

OWASP A8 and A3: Cross-site Attacks

  • start the course
  • explain what Cross-site Request Forgery (CSRF) is
  • exploit CSRF and what kind of access is needed to exploit it
  • detect CSRF and how common they are
  • list technical and business impacts of CSRFs
  • provide examples of CSRF attacks
  • describe what Cross-site Scripting (XSS) is
  • exploit XSS and what kind of access is needed to exploit it
  • detect XSS and how common it is
  • list the technical and business impacts of XSS
  • provide examples of XSS attacks
  • review an XSS attack
  • describe how CSRF and XSS can be exploited by an attacker
  • Course Number:
    sp_owtt_a03_it_enus