Web Application Security 101

• Introduction
• Lab setup
  • Install
  • Structure
  • Troubleshooting
• Components for a web application
• HTTP protocol
  • Communication client - server
  • HTTP request
  • HTTP response
  • Examples
  • Caching
  • cookies
  • Encoding
  • Compression
  • Authentication
  • URL Rewriting
  • HTTPS, SSL & TLS
  • Web Proxy
  • Browser
• HTML, CSS & JavaScript
  • HTML
  • CSS
  • JavaScript
• Structure Query Language (SQL)
  • Statements
  • Clause
  • Tools
• Vulnerabilities
  • SQL injection
  • Cross-site scripting
  • Header poisoning
  • Cross-site Request forgery
  • Insecure direct Object Reference
  • Unvalidated redirects and forwards
  • Business logic
• Methodology

---

Table of contents

• Introduction
• Components for a web application
• HTTP protocol