Introduction
This course will try to teach you about the different vulnerabilities identified in web applications, based on the OWASP Top Ten project. OWASP is an open community dedicated to enabling organizations to conceive, develop, acquire, operate, and maintain applications that can be trusted. OWASP develops and maintains the OWASP Top Ten project, which represents a broad consensus about what the most critical web application security flaws are. Project members include a variety of security experts from around the world who have shared their expertise to produce this list.
What will this course teach you?
- Understanding the HTTP protocol
- Creating a vulnerable website (the easiest part)
- Understanding common vulnerabilities in web applications
- Finding vulnerabilities in web applications
- Fixing vulnerabilities in web applications
Before starting the course, we need to clarify what a web application is and what security vulnerabilities are.
A web application, also known as a web app, is a client–server software application in which the client (or user interface) runs in a web browser. Common web applications include webmail, online retail sales, boards, blogs, wikis, instant messaging services and many other functions [source].
A security vulnerability is a weakness that allows an attacker to reduce a system’s information assurance [source]. Typically, a vulnerability will allow an attacker to compromise the Confidentiality, the Integrity and/or the Availability of a system, hence the CIA concept in IT security.