* Cantinho Satkeys

Refresh History
  • j.s.: tenham um bom domingo  4tj97u<z
    05 de Julho de 2026, 09:39
  • j.s.: ghyt74 a todos  49E09B4F
    05 de Julho de 2026, 09:38
  • JP: try65hytr Pessoal  4tj97u<z 2dgh8i k7y8j0 r4v8p xe4s
    03 de Julho de 2026, 04:43
  • cereal killa: try65hytr pessoal,esta calor do karago  r4v8p 43e5r6
    01 de Julho de 2026, 22:01
  • j.s.: try65hytr a todos  49E09B4F
    30 de Junho de 2026, 21:02
  • JP: try65hytr Pessoal  4tj97u<z  2dgh8i k7y8j0 r4v8p
    30 de Junho de 2026, 05:31
  • JP: try65hytr Pessoal  4tj97u<z 2dgh8i k7y8j0 classic
    26 de Junho de 2026, 05:05
  • cereal killa: ghyt74 e continuaçao bom sao joao  wwd46l0'
    24 de Junho de 2026, 12:16
  • JP: try65hytr Pessoal  4tj97u<z 2dgh8i k7y8j0 xe4s
    24 de Junho de 2026, 04:05
  • FELISCUNHA: ghyt74   4tj97u<z e bom São João  h7i37
    23 de Junho de 2026, 10:55
  • j.s.: dgtgtr a todos  49E09B4F
    20 de Junho de 2026, 15:51
  • FELISCUNHA: ghyt74   49E09B4F  e bom fim de semana  4tj97u<z
    20 de Junho de 2026, 11:31
  • JP: try65hytr Pessoal  4tj97u<z 2dgh8i k7y8j0
    19 de Junho de 2026, 04:41
  • romi: Beleza
    19 de Junho de 2026, 04:28
  • cereal killa: try65hytr pessoal  2dgh8i
    18 de Junho de 2026, 23:28
  • JP: dgtgtr Pessoal  2dgh8i k7y8j0 r4v8p
    18 de Junho de 2026, 19:48
  • joaozinho_bosco: boas tardes.......há quanto tempo
    18 de Junho de 2026, 14:35
  • j.s.: dgtgtr a todos  49E09B4F
    16 de Junho de 2026, 18:24
  • JP: try65hytr Pessoal  2dgh8i k7y8j0 classic
    16 de Junho de 2026, 05:44
  • j.s.: bom fim de semana  4tj97u<z
    13 de Junho de 2026, 11:23

Autor Tópico: Coding Mistakes that Hackers Abuse  (Lida 314 vezes)

0 Membros e 1 Visitante estão a ver este tópico.

Offline mitsumi

  • Sub-Administrador
  • ****
  • Mensagens: 134140
  • Karma: +0/-0
Coding Mistakes that Hackers Abuse
« em: 25 de Outubro de 2020, 09:20 »

Coding Mistakes that Hackers Abuse
Duration: 6h16m | .MP4 1280x720, 30 fps(r) | AAC, 44100 Hz, 2ch | 1.8 GB
Genre: eLearning | Language: English
How to avoid writing insecure code

What you'll learn
The recurring security pitfalls that developers fall into
Manageable and practical root causes of many famous software weaknesses
Ability to map security bugs to specific coding patterns in your software
Reflexive security questions you should ask during coding
Familiarity with famous security bugs; XXE, Session Puzzling, Mass Assignment, XSS, Directory Traversal, IDOR and more
Secure and insecure ways of validating the input

Requirements
Intermediate knowledge of coding
Basic understanding of writing HTTP-based applications
No to little knowledge of security bugs

Description
This training is about writing secure software. We chose to deliver secure coding practices using a perspective where widespread coding security mistakes are classified into understandable chunks. We hope that this will make more sense and be more helpful to hardcore developers and analysts.

Security should be an intrinsic part of any software production methodology and its implementation. However, development is a complex process and it is extremely hard to keep a software secure as it ages. There are numerous security tools, methodologies and knowledge to produce a secure software. However, still vast number of applications include critical security bugs. Most of these bugs stem from bad coding patterns that we call software security anti-patterns or in simpler term, mistakes.

An anti-pattern is a common response to a recurring problem that is usually ineffective or worse carry risks. In simpler words, anti-patterns are commonly reinvented bad solutions to problems.

For example, one of the famous anti-patterns in software development is Spaghetti Code. In early phases of being a developer, we are usually not familiar with the importance of modularity or find little time to design first. So, we tend produce extremely complicated, hard to understand unstructured software. This way of coding produces Spaghetti Code but the end product application still may run and serve in production. However, it is extremely hard to adapt to new changes. Because since the code is not modular or structured, it is hard to add new features. Moreover, any change in the code effects other flows in an unpredictable manner. The maintenance is also crippled. Since the code's complicated form will make the life of new developers' difficult when they are adjusting.

Similarly, there are bad design or coding choices that repeatedly lead to security bugs. It is important to be aware of these software security anti-patterns in order not to fall prey to hackers. The course will contain eight different core mistakes. Some are more prevalent than the others, however, all of them produce deadly results. In each lesson, we will first try to explain what the specific anti-pattern is all about. Then, we will move on giving one or more demos on what can go wrong when that mistake is made. At the end of each lesson, we will look at different sound and widely acknowledged solutions against insecure design or coding choices.

Who this course is for:
Software developers
Software analysts

Download link:
Só visivel para registados e com resposta ao tópico.

Only visible to registered and with a reply to the topic.

Links are Interchangeable - No Password - Single Extraction