* Cantinho Satkeys

Refresh History
  • FELISCUNHA: Votosde um santo domingo para todo o auditório  4tj97u<z
    24 de Novembro de 2024, 11:06
  • j.s.: bom fim de semana  49E09B4F
    23 de Novembro de 2024, 21:01
  • j.s.: try65hytr a todos
    23 de Novembro de 2024, 21:01
  • FELISCUNHA: dgtgtr   49E09B4F  e bom fim de semana
    23 de Novembro de 2024, 12:27
  • JPratas: try65hytr A Todos  101yd91 k7y8j0
    22 de Novembro de 2024, 02:46
  • j.s.: try65hytr a todos  4tj97u<z 4tj97u<z
    21 de Novembro de 2024, 18:43
  • FELISCUNHA: dgtgtr  pessoal   49E09B4F
    20 de Novembro de 2024, 12:26
  • JPratas: try65hytr Pessoal  4tj97u<z classic k7y8j0
    19 de Novembro de 2024, 02:06
  • FELISCUNHA: ghyt74   49E09B4F  e bom fim de semana  4tj97u<z
    16 de Novembro de 2024, 11:11
  • j.s.: bom fim de semana  49E09B4F
    15 de Novembro de 2024, 17:29
  • j.s.: try65hytr a todos  4tj97u<z
    15 de Novembro de 2024, 17:29
  • FELISCUNHA: ghyt74  pessoal   49E09B4F
    15 de Novembro de 2024, 10:07
  • JPratas: try65hytr A Todos  4tj97u<z classic k7y8j0
    15 de Novembro de 2024, 03:53
  • FELISCUNHA: dgtgtr   49E09B4F
    12 de Novembro de 2024, 12:25
  • JPratas: try65hytr Pessoal  classic k7y8j0 yu7gh8
    12 de Novembro de 2024, 01:59
  • j.s.: try65hytr a todos  4tj97u<z
    11 de Novembro de 2024, 19:31
  • cereal killa: try65hytr pessoal  2dgh8i
    11 de Novembro de 2024, 18:16
  • FELISCUNHA: ghyt74   49E09B4F  e bom fim de semana  4tj97u<z
    09 de Novembro de 2024, 11:43
  • JPratas: try65hytr Pessoal  classic k7y8j0
    08 de Novembro de 2024, 01:42
  • j.s.: try65hytr a todos  49E09B4F
    07 de Novembro de 2024, 18:10

Autor Tópico: Coding Mistakes that Hackers Abuse  (Lida 62 vezes)

0 Membros e 1 Visitante estão a ver este tópico.

Online mitsumi

  • Moderador Global
  • ***
  • Mensagens: 117505
  • Karma: +0/-0
Coding Mistakes that Hackers Abuse
« em: 25 de Outubro de 2020, 09:20 »

Coding Mistakes that Hackers Abuse
Duration: 6h16m | .MP4 1280x720, 30 fps(r) | AAC, 44100 Hz, 2ch | 1.8 GB
Genre: eLearning | Language: English
How to avoid writing insecure code

What you'll learn
The recurring security pitfalls that developers fall into
Manageable and practical root causes of many famous software weaknesses
Ability to map security bugs to specific coding patterns in your software
Reflexive security questions you should ask during coding
Familiarity with famous security bugs; XXE, Session Puzzling, Mass Assignment, XSS, Directory Traversal, IDOR and more
Secure and insecure ways of validating the input

Requirements
Intermediate knowledge of coding
Basic understanding of writing HTTP-based applications
No to little knowledge of security bugs

Description
This training is about writing secure software. We chose to deliver secure coding practices using a perspective where widespread coding security mistakes are classified into understandable chunks. We hope that this will make more sense and be more helpful to hardcore developers and analysts.

Security should be an intrinsic part of any software production methodology and its implementation. However, development is a complex process and it is extremely hard to keep a software secure as it ages. There are numerous security tools, methodologies and knowledge to produce a secure software. However, still vast number of applications include critical security bugs. Most of these bugs stem from bad coding patterns that we call software security anti-patterns or in simpler term, mistakes.

An anti-pattern is a common response to a recurring problem that is usually ineffective or worse carry risks. In simpler words, anti-patterns are commonly reinvented bad solutions to problems.

For example, one of the famous anti-patterns in software development is Spaghetti Code. In early phases of being a developer, we are usually not familiar with the importance of modularity or find little time to design first. So, we tend produce extremely complicated, hard to understand unstructured software. This way of coding produces Spaghetti Code but the end product application still may run and serve in production. However, it is extremely hard to adapt to new changes. Because since the code is not modular or structured, it is hard to add new features. Moreover, any change in the code effects other flows in an unpredictable manner. The maintenance is also crippled. Since the code's complicated form will make the life of new developers' difficult when they are adjusting.

Similarly, there are bad design or coding choices that repeatedly lead to security bugs. It is important to be aware of these software security anti-patterns in order not to fall prey to hackers. The course will contain eight different core mistakes. Some are more prevalent than the others, however, all of them produce deadly results. In each lesson, we will first try to explain what the specific anti-pattern is all about. Then, we will move on giving one or more demos on what can go wrong when that mistake is made. At the end of each lesson, we will look at different sound and widely acknowledged solutions against insecure design or coding choices.

Who this course is for:
Software developers
Software analysts

Download link:
Só visivel para registados e com resposta ao tópico.

Only visible to registered and with a reply to the topic.

Links are Interchangeable - No Password - Single Extraction