OWASP Top 10: A03:2021-Injection
OWASP 2022
| Intermediate
- 11 Videos | 1h 6m
- Includes Assessment
- Earns a Badge
Many web applications accept input from either external data sources or app users. In this course, learn about the types of injection attacks and how malicious users submit malicious code or commands to a web app for execution by the web server stack. Next, practice testing a web app for injection vulnerabilities using the OWASP ZAP tool, setting low security for a vulnerable web app tool, and executing injection attacks against a web app. Finally, discover how to mitigate injection attacks using input validation and input sanitization. Upon completion, you'll be able to identify and mitigate web app injection attacks.
WHAT YOU WILL LEARN
-
discover the key concepts covered in this courserecognize types of injection attacksoutline how to mitigate injection attacks using fuzzing, input validation, and sanitizationtest a web app for injection vulnerabilities using the OWASP Zed Attack Proxy (ZAP) toolexecute a SQL injection attack against a web application using freely available toolsexecute a command injection attack against a web application using freely available tools
-
identify how Java and JavaScript are used in web applicationsrecognize how Cross-Site Scripting (XSS) attacks occurrun a Cross-Site Scripting (XSS) attack through web page formsrun a Cross-Site Scripting (XSS) attack to hijack a client web browsersummarize the key concepts covered in this course
IN THIS COURSE
-
1.Course Overview1m 4sUP NEXT
-
2.Injection Attack Types6m 54s
-
3.Fuzzing, Input Validation, and Sanitization6m 56s
-
4.Testing for Injection Attack Vulnerabilities7m 1s
-
5.Executing a SQL Injection Attack6m 29s
-
6.Executing a Command Injection Attack6m 59s
-
7.Java and JavaScript in Web Applications6m 24s
-
8.Cross-site Scripting (XSS) Attacks6m 24s
-
9.Running XSS through Web Page Forms7m 51s
-
10.Compromising a Web Browser through XSS8m 58s
-
11.Course Summary1m 1s
EARN A DIGITAL BADGE WHEN YOU COMPLETE THIS COURSE
Skillsoft is providing you the opportunity to earn a digital badge upon successful completion of this course, which can be shared on any social network or business platform
Digital badges are yours to keep, forever.