Foundational JavaScript Security
48mAdvanced2021-05-26
Authors

Emmanuel Henri
Executive with 20+ years of experience in programming and design
Course details
JavaScript offers great power, but also many opportunities to leave doors open to hackers. Ethical hacking lets you find those open doors before they can be exploited and ensure that your sites and applications stay standing. This course shows how to improve security on your JavaScript projects using a wide variety of testing tools that provide maximum coverage. Emmanuel Henri starts by showing how to plan your strategy and set up the project in this course. He then shows how to perform reconnaissance using Snyk, GitHub Dependabot, and AppSensor. He also reviews the top eight security threats to JavaScript apps and websites, including injection, insecure deserialization, and insufficient logging. Finally, he shows how to close these loopholes in hands-on exercises. Make sure to take the challenges issued along the way to test your JavaScript security prowess.
Skills covered
Software Development SecurityJavaScriptOracleCybersecurityProgramming LanguagesSoftware DevelopmentDeep Dive (X:Y)
Concepts
0. Introduction
- 01 - Foundational JavaScript security
- 02 - What you should know
1. Introduction and Setup
- 03 - What is ethical hacking
- 04 - Overview of cyber kill chain
- 05 - Plan an attack strategy
- 06 - Base project setup
- 07 - Challenge - What is ethical hacking
- 08 - Solution - What is ethical hacking
2. Reconnaissance
- 09 - Reconnaissance introduction
- 10 - Introduction and setup for Snyk
- 11 - Introduction to GitHub Dependabot
- 12 - Introduction to AppSensor
- 13 - Reconnaissance applied to project
- 14 - Challenge - What is the purpose of reconnaissance
- 15 - Solution - What is the purpose of reconnaissance
3. Top Security Threats
- 16 - Injection threat
- 17 - Broken authentication
- 18 - Sensitive data
- 19 - XML external entities
- 20 - Security misconfiguration
- 21 - Insecure deserialization
- 22 - Components with known vulnerabilities
- 23 - Insufficient logging and monitoring
- 24 - Challenge - What is the best resource for top threats
- 25 - Solution - What is the best resource for top threats
4. Security Threats Applied
- 26 - Injection threat resources
- 27 - Broken authentication resources
- 28 - Sensitive data exposure resources
- 29 - XML external entities resources
- 30 - Security misconfiguration resources
- 31 - Secure deserialization resources
- 32 - Challenge - What is secured deserialization
- 33 - Solution - What is secured deserialization
Conclusion
- 34 - Next steps
Related courses
- Building a Video Chat App with Vue.js 2 and Firebase
- Web Portfolio Projects: Binding and Propagation
- Building Website Interactivity with JavaScript
- JavaScript: Recursion
- Vanilla JavaScript: Animations
- Blazor WebAssembly: Foundational Skills
- JavaScript: Test-Driven Development (ES6)
- Advanced Blazor WebAssembly