PluralSight-Hack-proofing Your ASP.NET Web Applications Tutorials



10-09-2013, 19:35

Category: Tutorials

Authored by: Adam Tuliper | Duration: 5h 0m | Level: Intermediate | Released: 2/3/2012 | 928MB
Genre: eLearning

Developers are notoriously lax in security. Part of the problem is not understanding how our applications are attacked. To protect your applications you need to BE a hacker. You need to understand how your applications are hacked, and therefore, how to protect them. This course goes over the most common hacking techniques using an array of current attacks to show how a web application is exploited. This course covers exploits and protections for both Web Forms and MVC. Covered are such topics as SQL injection, parameter tampering, information leakage, cross-site scripting (XSS), cross-site request forgery, encryption, hashing, and denial of service, all with applicable demos.



SQL Injection 00:45:08
Introduction 00:09
What is SQL Injection? 04:14
Demo - Form based SQL Injection 1 11:28
Demo - Form based SQL Injection 2 02:22
How do you prevent SQL Injection? 02:23
Demo - SQL Permissions Auditor Tool 02:28
Additional Protections 03:40
Problematic Fixes - Blacklisting Routines 04:13
Problematic Fixes - SQL Routines and SQL Truncation 04:32
Basic Dynamic Query Ideas 05:49
Using an ORM 03:24
Additional Information / References 00:26

Information Leakage 00:15:36
Introduction 00:10
What is information leakage? 01:06
How is it information gathered? 01:58
Demo - Web App Basic Information Leakage 00:50
Demo - Information Leakage from error page 00:37
Demo - Information Leakage by Ajax 01:47
How do you prevent Information Leakage? 08:40
Additional Reading 00:28

Cross-Site Scripting (XSS) 01:11:00
Introduction 00:09
What is XSS? 03:40
How is XSS exploited? 00:47
Demo - Reflected XSS Attack 02:08
Demo - Persistent XSS Attack 03:47
Demo - Older Style IE6 Content Type Sniffing Attack 01:38
Demo - DOM Based XSS 07:02
Demo - Data URI - Link Hijack 03:37
Demo - Dangling Markup/Scriptless Attacks 05:59
How do you prevent XSS? 02:54
How do you prevent XSS (page 2) 01:14
Demo (Prevention) - AntiXss GetSafeHtmlFragment() 01:52
Demo (Prevention) - Specifying UTF-8 Encoding 01:11
Demo (Prevention) - Content Security Policy 05:37
Problems with blacklists / character filtering 03:14
How do you prevent XSS (last but not least) 03:46
Don't turn off Request Validation 05:07
Know your encoding options 04:42
Demo (Fix) - Fixing Web Forms Repeater 02:16
Demo (Fix) - Fixing Scriptless / Dangling HTML 00:59
Demo (Fix) - Fixing DOM based attacks 04:22
Tools 02:27
Summary 02:10
Additional Information / References 00:22

Parameter Tampering 00:29:03
Introduction 00:08
What is parameter tampering? 00:37
How is it exploited? 01:22
MVC Parameter Tampering 05:21
Web Forms Parameter Tampering 04:50
EventValidation issues with client side script 01:24
Preventing tampering in MVC 02:45
Preventions - Regular Expressions 01:13
Preventions - Data Annotations 01:20
Validate your data! 03:20
A few minor words of caution 03:23
Summary 02:30
Additional Information / References 00:50

Encryption and Hashing 00:45:34
Introduction 00:10
Why should I encrypt? 05:11
How to encrypt - database side 01:07
SQL - Encrypt by passphrase 02:50
SQL - Encrypt by certificate 01:51
How to encrypt - application code 03:51
How to encrypt - configuration settings 02:44
Forcing SSL - MVC 02:36
Forcing SSL - Web Forms 00:59
Forcing SSL - Additional Information 01:45
Installing SSL on your development box 03:58
About Hashing 01:25
How are hashes attacked? 02:36
What's a salt? 01:22
Demo - Basic hash with salt 01:17
Demo - Hash brute force attack (even with a salt!) 03:03
Tool Demo - Hashcat 01:16
Choosing the right approaches 04:25
Membership provider support 01:38
But I need my lost password functionality! 00:59
Additional Information 00:31

Cross-Site Request Forgery (CSRF) 00:38:36
Introduction 00:09
What is CSRF? 01:02
How is CSRF exploited? 02:41
Demo - Exploit using email image src 04:59
Demo - Repeatability is the key 01:16
Demo - CSRF from XSS 01:27
POSTs protect me, don't they? 04:38
Demo - Web Forms One Click Attack - Forge user interaction 07:32
How do you prevent CSRF? 02:27
Web Forms CSRF Prevention 05:28
MVC CSRF Prevention 04:53
Summary 02:04

Denial of Service 00:17:49
Introduction 00:07
How is DoS exploited? 05:05
Demo - Affecting the victim's browser 02:25
Demo - Browser based distributed denial of service 03:35
Demo - Slow page = easy target 03:55
Preventing DoS 02:07
Additional Information / References 00:35

Session Management and Hijacking 00:37:24
Introduction 00:10
ASP.NET Session Id Management Background 04:40
Session Management Demo 05:04
How can sessions be attacked? 01:06
Demo - stealing a session 06:04
Preventing Session Attacks 01:05
Syncing Forms authentication timeouts and session timeouts 04:56
Preventing - Removing the session cookie on login/logout 02:43
Preventing - Avoid cookieless sessions 00:59
Custom session id managers 09:23
Additional Information 01:14
