0% found this document useful (0 votes)

96 views

Week01 PDF

This document provides an overview of a course on web security. The course objectives are to understand web vulnerabilities, security best practices, and how to audit applications for flaws. Prerequisites include basic web knowledge. Topics covered include the web security model, session management, SQL injection, cross-site scripting, and web application firewalls. Students will be assessed via assignments, a midterm, and final exam.

Uploaded by

Magnon Be7wak

We take content rights seriously. If you suspect this is your content, claim it here.

Available Formats

Download as PDF, TXT or read online on Scribd

0% found this document useful (0 votes)

96 views

Week01 PDF

Uploaded by

Magnon Be7wak

We take content rights seriously. If you suspect this is your content, claim it here.

Available Formats

Download as PDF, TXT or read online on Scribd

You are on page 1/ 9

Week 01: Web Security

Dr. Mohammed Alfateh Hassouna

Sudan International University

hassounatop@gmail.com

November 2, 2020

Dr. Mohammed Alfateh Hassouna (SIU) Week 01: Web Security November 2, 2020 1/9
Introduction

The Internet continues to change the role that software plays in the
business world.
The invisible hand of Internet software enables e-business, automates
supply chains, and provides instant, worldwide access to information
At the same time, Internet software is moving into our cars, our
televisions and our home security systems(Internet of Things IoT).
Web applications present the largest category of security risk today.
The Web/Internet is just the most obvious avenue of attack in most
systems.

Dr. Mohammed Alfateh Hassouna (SIU) Week 01: Web Security November 2, 2020 2/9
Course Objectives

Have a comprehensive understanding of the vulnerabilities associated

with providing active/dynamic web content.
Understand how the above vulnerabilities affect the design,
implementation, and maintenance of active/dynamic web content.
Know how to conduct an audit/review of an existing system to
identify and correct for security vulnerabilities.
Address Web Service and its security.
Overview of concrete threats against web applications.
Current best practices for secure web applications.

Dr. Mohammed Alfateh Hassouna (SIU) Week 01: Web Security November 2, 2020 3/9
Course Learning Outcomes

On completion of this module, students should be able to:

Get hands-on experience on web programming.
Identifying underlying security principles of the web.
Critically audit web applications for security flaws.
Design and implement exploits for real security bugs.
Develop secure web applications.

Dr. Mohammed Alfateh Hassouna (SIU) Week 01: Web Security November 2, 2020 4/9
Course Prerequisites

Basic knowledge of web and its protocols like HTTP.

Basic knowledge of some web programming languages like Java, PHP
or Python.
Basic understanding of SQL
The ability to read and understand JavaScript code

Dr. Mohammed Alfateh Hassouna (SIU) Week 01: Web Security November 2, 2020 5/9
Course Outlines

Overview of web and its security

Web security model
Browser security model including same origin policy
Client- server trust boundaries, e.g., cannot rely on secure execution
in the client
Session management, authentication
Single sign-on, HTTPS and certificates

Dr. Mohammed Alfateh Hassouna (SIU) Week 01: Web Security November 2, 2020 6/9
Course Outlines(Cont)

Application vulnerabilities and defenses, SQL injection

XSS, CSRF, Client-side security
Cookies security policy
HTTP security extensions, e.g. HSTS, Plugins, extensions, and web
apps
Web user tracking
Server - side security tools, e.g. Web Application Firewalls (WAFs)
and fuzzers
Web service’s security

Dr. Mohammed Alfateh Hassouna (SIU) Week 01: Web Security November 2, 2020 7/9
Assessment Method

1 Assignments and quizzes 20.

2 Midterm exam 30.
3 Final exam 50.
4 Total 100.

Dr. Mohammed Alfateh Hassouna (SIU) Week 01: Web Security November 2, 2020 8/9
References

Bryan Sullivan, Vincent Liu ”Web Application Security, A Beginner’s

Guide”, McGraw-Hill Osborne Media; 1st edition, 2011.
Ivan Ristik. ModSecurity Handbook. Feisty Duck, Ltd. 2010.
Open Web Application Security Project. OWASP Top 10: The Ten
Mist Critical Web Application Security Vulnerabilities.

Dr. Mohammed Alfateh Hassouna (SIU) Week 01: Web Security November 2, 2020 9/9

(Coll.) Rose Book of Bible Charts, Maps, and Time
98% (46)
(Coll.) Rose Book of Bible Charts, Maps, and Time
250 pages
Chapter 6 Part 1
100% (2)
Chapter 6 Part 1
30 pages
Penetration Testing for Jobseekers: Perform Ethical Hacking across Web Apps, Networks, Mobile Devices using Kali Linux, Burp Suite, MobSF, and Metasploit
From Everand
Penetration Testing for Jobseekers: Perform Ethical Hacking across Web Apps, Networks, Mobile Devices using Kali Linux, Burp Suite, MobSF, and Metasploit
Debasish Mandal
No ratings yet
Book PDF
No ratings yet
Book PDF
62 pages
CYB 411_103150
No ratings yet
CYB 411_103150
4 pages
Webinar 1531 Slides
No ratings yet
Webinar 1531 Slides
16 pages
OWASP Top 10 2021 Complete Syllabus
No ratings yet
OWASP Top 10 2021 Complete Syllabus
5 pages
WAS Lesson Plan New Format
No ratings yet
WAS Lesson Plan New Format
7 pages
CIS6013 Web-Application-Security ETH 1 AC41
No ratings yet
CIS6013 Web-Application-Security ETH 1 AC41
9 pages
[CyberSec'24] Lab01 - Student Version
No ratings yet
[CyberSec'24] Lab01 - Student Version
47 pages
Web Security Vulnerabilities
No ratings yet
Web Security Vulnerabilities
50 pages
CSIT-542 Web Security Syllabus
No ratings yet
CSIT-542 Web Security Syllabus
1 page
lecture7
No ratings yet
lecture7
48 pages
Web Application Security is a Stack: How to CYA (Cover Your Apps) Completely
From Everand
Web Application Security is a Stack: How to CYA (Cover Your Apps) Completely
Lori Mac Vittie
No ratings yet
WAS NOTES
No ratings yet
WAS NOTES
257 pages
Fortifying Digital Fortress: A Comprehensive Guide to Information Systems Security: GoodMan, #1
From Everand
Fortifying Digital Fortress: A Comprehensive Guide to Information Systems Security: GoodMan, #1
Patrick Mukosha
No ratings yet
01
No ratings yet
01
65 pages
Cybersecurity Fundamentals: Best Security Practices: cybersecurity beginner, #1
From Everand
Cybersecurity Fundamentals: Best Security Practices: cybersecurity beginner, #1
Bruce Brown
No ratings yet
REPORT CS
No ratings yet
REPORT CS
4 pages
Web Application Security: Abdirahman Mohamed Hassan
No ratings yet
Web Application Security: Abdirahman Mohamed Hassan
30 pages
WEB_SECURITY Course Outline
No ratings yet
WEB_SECURITY Course Outline
6 pages
CSWAE Version2
No ratings yet
CSWAE Version2
9 pages
Web Application Security and Standards
No ratings yet
Web Application Security and Standards
12 pages
INE-Introduction-to-Web-Application-Security-Testing-Course-File
No ratings yet
INE-Introduction-to-Web-Application-Security-Testing-Course-File
141 pages
Research_Into_the_Security_Threat_of_Web_Application
No ratings yet
Research_Into_the_Security_Threat_of_Web_Application
20 pages
Complete Cyber Security Learning RoadMap
No ratings yet
Complete Cyber Security Learning RoadMap
12 pages
Web Application Security Syllabus
No ratings yet
Web Application Security Syllabus
2 pages
2020-02-09 - Introduction To The OWASP Top Ten
No ratings yet
2020-02-09 - Introduction To The OWASP Top Ten
45 pages
6-Web Application Security
No ratings yet
6-Web Application Security
36 pages
Course 1 Reading
No ratings yet
Course 1 Reading
35 pages
Introduction to Appsec Combined Keynote PDF
No ratings yet
Introduction to Appsec Combined Keynote PDF
107 pages
WAS Syllabus
No ratings yet
WAS Syllabus
4 pages
Web Security
No ratings yet
Web Security
36 pages
WAS IA -1 Question Paper with Answer
No ratings yet
WAS IA -1 Question Paper with Answer
6 pages
Web Security
No ratings yet
Web Security
60 pages
Web Application Security Syllabus
No ratings yet
Web Application Security Syllabus
2 pages
1 Introduction PDF
No ratings yet
1 Introduction PDF
59 pages
An toàn hệ thống web
No ratings yet
An toàn hệ thống web
74 pages
Web Application Security: February 2008
No ratings yet
Web Application Security: February 2008
26 pages
EHDF Module 2
No ratings yet
EHDF Module 2
37 pages
Browser Security Model: John Mitchell
No ratings yet
Browser Security Model: John Mitchell
74 pages
Web Security
100% (1)
Web Security
17 pages
07 Week8 10 Web Security A
No ratings yet
07 Week8 10 Web Security A
69 pages
Securing Critical Infrastructures
From Everand
Securing Critical Infrastructures
Professor Mohamed K. Kamara Ph.D.
No ratings yet
Syllabus Cyber Security and Web Technologies
No ratings yet
Syllabus Cyber Security and Web Technologies
2 pages
Willberg Mikael
No ratings yet
Willberg Mikael
33 pages
Ebook Security For Web Developers
No ratings yet
Ebook Security For Web Developers
114 pages
Learning iOS Penetration Testing: Secure your iOS applications and uncover hidden vulnerabilities by conducting penetration tests
From Everand
Learning iOS Penetration Testing: Secure your iOS applications and uncover hidden vulnerabilities by conducting penetration tests
Swaroop Yermalkar
No ratings yet
CSCI 476 Computer Security: Focus On Software Security
No ratings yet
CSCI 476 Computer Security: Focus On Software Security
13 pages
Web Security
No ratings yet
Web Security
38 pages
03-Course 1 Overview
No ratings yet
03-Course 1 Overview
5 pages
Lecture 10 Web App Security
No ratings yet
Lecture 10 Web App Security
43 pages
Introduction To Application Security - EBOOK
No ratings yet
Introduction To Application Security - EBOOK
128 pages
Java and Web Application Security
No ratings yet
Java and Web Application Security
2 pages
CYBER-SECURITY-CURRICULUM
No ratings yet
CYBER-SECURITY-CURRICULUM
4 pages
Software and Web Security
No ratings yet
Software and Web Security
41 pages
Web Security (CAT-309) - Unit 1 Lecture 1
No ratings yet
Web Security (CAT-309) - Unit 1 Lecture 1
10 pages
4.1 Web Application Vulnerabilities - OWASP - ZSS
No ratings yet
4.1 Web Application Vulnerabilities - OWASP - ZSS
20 pages
InduSoft Application Design and SCADA Deployment Recommendations for Industrial Control System Security
From Everand
InduSoft Application Design and SCADA Deployment Recommendations for Industrial Control System Security
Richard Clark
No ratings yet
Unit 5
No ratings yet
Unit 5
10 pages
SW Security Ch1 Intro
No ratings yet
SW Security Ch1 Intro
39 pages
Cyber Security - 12 Weeks Quick Plan
No ratings yet
Cyber Security - 12 Weeks Quick Plan
15 pages
Java and Web Application Security
No ratings yet
Java and Web Application Security
4 pages
Meta Tags and Traffic Reports: Sara Khalid Suliman
No ratings yet
Meta Tags and Traffic Reports: Sara Khalid Suliman
25 pages
Introduction Advance Web Publishing
No ratings yet
Introduction Advance Web Publishing
22 pages
Search Engines: Sara Khalid Suliman
No ratings yet
Search Engines: Sara Khalid Suliman
34 pages
Database Access With PHP and Mysql
No ratings yet
Database Access With PHP and Mysql
14 pages
Instructor:: Doaa Adil Mohamed Altayeb
No ratings yet
Instructor:: Doaa Adil Mohamed Altayeb
34 pages
Answer All of The Following Questions.: ERP - Lab Assignment 1 Python Review
No ratings yet
Answer All of The Following Questions.: ERP - Lab Assignment 1 Python Review
1 page
Graduation Project Business Computing Department - 4 Year Follow - Up Form
No ratings yet
Graduation Project Business Computing Department - 4 Year Follow - Up Form
1 page
WSM Lec 1
No ratings yet
WSM Lec 1
12 pages
Engineering Mathematics-III Syllabus 220902 204109
No ratings yet
Engineering Mathematics-III Syllabus 220902 204109
3 pages
HP Systems Insight Manager 7.3 安装和配置指南 (Microsoft Windows) -c04234778
No ratings yet
HP Systems Insight Manager 7.3 安装和配置指南 (Microsoft Windows) -c04234778
99 pages
New Microsoft Office Word Document
No ratings yet
New Microsoft Office Word Document
5 pages
Translation of Sex-Related Qur'Anic Euphemisms, Mohammed Albarakati
100% (1)
Translation of Sex-Related Qur'Anic Euphemisms, Mohammed Albarakati
20 pages
Maha Shivaratri
No ratings yet
Maha Shivaratri
46 pages
ESP8266 NodeMCU
No ratings yet
ESP8266 NodeMCU
2 pages
Eng. DLL 2nd Quarter Week 3
No ratings yet
Eng. DLL 2nd Quarter Week 3
4 pages
Teresa de Lauretis BIBLIOGRAPHY
No ratings yet
Teresa de Lauretis BIBLIOGRAPHY
5 pages
Azure Services Periodic Table v1 1
No ratings yet
Azure Services Periodic Table v1 1
1 page
3rd Week - Language (3 Copies)
No ratings yet
3rd Week - Language (3 Copies)
4 pages
ACT Customization Guide For Mechanical
No ratings yet
ACT Customization Guide For Mechanical
62 pages
Worship in Revelation
100% (1)
Worship in Revelation
9 pages
Computer Network Module - 3
No ratings yet
Computer Network Module - 3
15 pages
b21 Dexway
No ratings yet
b21 Dexway
25 pages
Annual Calendar 2023
No ratings yet
Annual Calendar 2023
28 pages
Cognitive Dissonance Reexamining a Pivotal Theory in Psychology 2nd Edition Eddie Harmon-Jones - The ebook with rich content is ready for you to download
100% (1)
Cognitive Dissonance Reexamining a Pivotal Theory in Psychology 2nd Edition Eddie Harmon-Jones - The ebook with rich content is ready for you to download
70 pages
Evelyn Huang
No ratings yet
Evelyn Huang
1 page
Christ As The Adopted Son of God
No ratings yet
Christ As The Adopted Son of God
13 pages
Jan 07 Old SNAB Unit 1 MS
No ratings yet
Jan 07 Old SNAB Unit 1 MS
10 pages
1. Using Excel, SPSS or any other software package of your choice, analyze the data in problem 3.40 on page 91. Have the computer generate descriptive statistics and a histogram on the age. The descriptiv
No ratings yet
1. Using Excel, SPSS or any other software package of your choice, analyze the data in problem 3.40 on page 91. Have the computer generate descriptive statistics and a histogram on the age. The descriptiv
15 pages
Catechism of Pope Saint Pius X
100% (1)
Catechism of Pope Saint Pius X
104 pages
SS Summary: Page 223-229
No ratings yet
SS Summary: Page 223-229
4 pages
PREPARE 1 Grammar Plus Unit 01 2
No ratings yet
PREPARE 1 Grammar Plus Unit 01 2
2 pages
Coupled Oscillations - 2023
No ratings yet
Coupled Oscillations - 2023
36 pages
Edgar Dale
0% (1)
Edgar Dale
3 pages
Boolean Models and Methods in Mathematics Computer Science and Engineering 1st Edition Yves Crama pdf download
No ratings yet
Boolean Models and Methods in Mathematics Computer Science and Engineering 1st Edition Yves Crama pdf download
50 pages
Assignment 1
No ratings yet
Assignment 1
23 pages

Note: This service is not intended for secure transactions such as banking, social media, email, or purchasing. Use at your own risk. We assume no liability whatsoever for broken pages.

Week01 PDF

Uploaded by

Week01 PDF

Uploaded by

Week 01: Web Security

Dr. Mohammed Alfateh Hassouna

Sudan International University

Have a comprehensive understanding of the vulnerabilities associated

On completion of this module, students should be able to:

Basic knowledge of web and its protocols like HTTP.

Overview of web and its security

Application vulnerabilities and defenses, SQL injection

1 Assignments and quizzes 20.

Bryan Sullivan, Vincent Liu ”Web Application Security, A Beginner’s

You might also like

Pfad - The Proxy pFad of © 2024 Garber Painting. All rights reserved.