Overview
- Intro
  - Fundamental Information Security Principles (CIA, Authenticity, Accountability, etc.)
  - Taxonomy of Vulnerability, Threat, Attack, Control, and Incident
  - Software Security vs. Network Security and the Application‑Layer Perimeter
  - SimpleWebServer Java Implementation – Architecture and Code Walkthrough
  - Identified Vulnerabilities in SimpleWebServer and Secure Coding Countermeasures
- Security Threat & Vulnerability
  - Injection Vulnerabilities in Web Applications
  - Cross‑Site Scripting (XSS) Attacks and Defenses
  - Cross‑Site Request Forgery (CSRF) Mechanics and Mitigations
  - Broken Authentication, Session Management, and Access‑Control Flaws
  - Security Misconfiguration and Vulnerable Third‑Party Components
  - Insecure Deserialization and Cryptographic Storage Weaknesses
  - Transport‑Layer Protection, Logging, and Runtime Attack Defense
- Ethical Hacking
  - Foundations of Ethical Hacking - Definitions, Objectives, and Professional Codes
  - Penetration Testing Methodologies and the Cyber Kill Chain
  - Reconnaissance and Network Scanning Techniques for Ethical Hackers
  - Vulnerability Assessment, Exploitation, and Post‑Exploitation Practices
  - Web Application Security - Attack Vectors and Defensive Controls