Secure coding: Dive into Injections with Java & Spring boot

Udemy Secure coding: Dive into Injections with Java & Spring boot

Register & Get access to index
2NbYXBj.jpg


Learn how to secure your code and protect from different type of injection attacks with example applications

What you'll learn​

  • Secure coding
  • Injection vulnerability
  • SQL Injection with PostgreSQL
  • NoSQL Injection with MongoDB
  • LDAP Injection with OpenLDAP
  • LOG Injection
  • CSV Injection
  • Spring security Form login authentication
  • Spring Data JPA
  • Spring Data MongoDB
  • Spring LDAP
  • Spring Validation



Requirements​

  • Knowledge of Java
  • Basic knowledge of Spring Framework
  • Basic knowledge of SQL
  • Basic knowledge of Web application development


Description​

Hi there! My name is Ali Gelenler. I'm here to help you to learn securing your code and making it free from injection attacks.
In this course, we will focus on different type of injection attacks;
  • SQL Injection
  • NoSQL injection
  • LDAP injection
  • LOG injection
  • CSV injection
We will follow a hands-on approach. You will not only learn how to exploit an application using different kind of injection attacks, but also develop the vulnerable applications from scratch in which we’ll have a common web login module with spring security form login, and separate applications for SQL, NoSQL and LDAP injections. The applications will be developed using Java and Spring boot along with the most recent technologies and tools, like PostgreSQL for SQL Injection, MongoDB for NoSQL injection and OpenLDAP for LDAP injection.
In each section there will be;
  • Development of the vulnerable application using Java, Spring boot and Spring security
  • Hacking of the application with various attacks
  • Protection steps and the implementations to prevent injection attacks
At the end of the course you will understand the different type of injection vulnerabilities, as well as perform injection attacks against the vulnerable applications you have developed, and learn how to protect your applications against the injection attacks using various techniques such as validation and sanitisation using white list approach, parametrised queries with prepared statements, escaping output, using secure trusted libraries, error handling and logging, and general coding practices.
If you want to skip the development and only see the hacking of applications, you can jump into the injection lectures and download the source code provided in the resources section of that lecture. Be aware that you will still need to install Postgresql for SQL Injection, MongoDB for NoSQL injection and OpenLDAP docker container for LDAP injection. You can see how to install and configure these data sources in the beginning lectures of each injection section.

Who this course is for:​

  • One that wants to learn secure coding and web security
  • One that wants to dive into injection vulnerability with different type of attacks
  • One that likes to learn with a hands-on approach
Author
TUTProfessor
Downloads
65
Views
874
First release
Last update
Rating
0.00 star(s) 0 ratings

More resources from TUTProfessor