Znajdź zawartość

OWASP Top 10 Web Application Security Risks for ASP.NET English | Size: 2.08 GB Category: CBTs Introduction Who's getting hacked? Who's doing the hacking? OWASP and the Top 10 Applying security in depth Injection Introduction OWASP overview and risk rating Demo: Anatomy of an attack Risk in practice: LulzSec and Sony Understanding SQL injection Defining untrusted data Demo: The prin[beeep]le of least privilege Demo: Inline SQL parameterisation Demo: Stored procedure parameterisation Demo: Whitelisting untrusted data Demo: Entity Framework's SQL parameterisation Demo: Injection through stored procedure Demo: Injection automation with Havij Summary Cross Site Scripting (XSS) Introduction OWASP overview and risk rating Demo: Anatomy of an attack Risk in practice: My Space and Samy Understanding XSS Output encoding concepts Demo: Implementing output encoding Demo: Output encoding in web forms Demo: Output encoding in MVC Demo: Whitelisting allowable values Demo: ASP.NET request validation Demo: Reflective versus persistent XSS Demo: Native browser defences Demo: Payload obfuscation Summary Broken Authentication and Session Management Introduction OWASP overview and risk rating Demo: Anatomy of an attack Risk in practice: Apple's session fixation Persisting state in a stateless protocol The risk of session persistence in the URL versus cookies Demo: Securely configuring session persistence Demo: Leveraging ASP.NET membership provider for authentication Customising session and forms timeouts to minimise risk windows Siding versus fixed forms timeout Other broken authentication patterns Summary Insecure Direct Object References Introduction OWASP overview and risk rating Demo: Anatomy of an attack Risk in practice: Citibank Understanding direct object references Demo: Implementing access controls Understanding indirect reference maps Demo: Building an indirect reference map Obfuscation via random surrogate keys Summary Cross Site Request Forgery (CSRF) Introduction OWASP overview and risk rating Demo: Anatomy of an attack Risk in practice: Compromised Brazilian modems What makes a CSRF attack possible Understanding anti-forgery tokens Demo: Implementing an anti-forgery token in MVC Demo: Web forms approach to anti-forgery tokens CSRF fallacies and browser defences Summary Security Misconfiguration Introduction OWASP overview and risk rating Demo: Anatomy of an attack Risk in practice: ELMAH Demo: Correctly configuring custom errors Demo: Securing web forms tracing Demo: Keeping frameworks current with NuGet Demo: Encrypting sensitive parts of the web.config Demo: Using config transforms to apply secure configurations Demo: Enabling retail mode on the server Summary Insecure Cryptographic Storage Introduction OWASP overview and risk rating Demo: Anatomy of an attack Risk in practice: ABC passwords Understanding password storage and hashing Understanding salt and brute force attacks Slowing down hashes with the new Membership Provider Other stronger hashing implementations Things to consider when choosing a hashing implementation Understanding symmetric and asymmetric encryption Demo: Symmetric encryption using DPAPI What's not cryptographic Summary Failure to Restrict URL Access Introduction OWASP overview and risk rating Demo: Anatomy of an attack Risk in practice: Apple AT&T leak Demo: Access controls in ASP.NET part 1: web.config locations Demo: Access controls in ASP.NET part 2: The authorize attribute Demo: Role based authorisation with the ASP.NET Role Provider Other access controls risk and misconceptions Summary Insufficient Transport Layer Protection Introduction OWASP overview and risk rating Demo: Anatomy of an attack Risk in practice: Tunisian ISPs Demo: Understanding secure cookies and forms authentication Demo: Securing other cookies in ASP.NET Demo: Forcing web forms to use HTTPS Demo: Requiring HTTPS on MVC controllers Demo: Mixed mode HTTPS HTTP strict transport security Other insufficient HTTPS patterns Other HTTPS considerations Summary Unvalidated Redirects and Forwards Introduction OWASP overview and risk rating Demo: Anatomy of an attack Risk in practice: US government websites Understanding the value of unvalidated redirects to attackers Demo: implementing a whitelist Demo: implementing referrer checking Other issues with the unvalidated redirect risk Summary Download link: http://rapidgator.net/file/9736773b2a04433a5000f05733d860a2/j1h5i.OWASP.Top.10.Web.Application.Security.Risks.for.ASP.NET.part1.rar.html http://rapidgator.net/file/41b8c4294a8fb81727cbad270882159d/j1h5i.OWASP.Top.10.Web.Application.Security.Risks.for.ASP.NET.part2.rar.html http://rapidgator.net/file/4d90d052b231b46ec6ac2fe43e9b114f/j1h5i.OWASP.Top.10.Web.Application.Security.Risks.for.ASP.NET.part3.rar.html http://rapidgator.net/file/907c7c78e0241171175a1659966fd42d/j1h5i.OWASP.Top.10.Web.Application.Security.Risks.for.ASP.NET.part4.rar.html http://nitroflare.com/view/4F582E558609FE1/j1h5i.OWASP.Top.10.Web.Application.Security.Risks.for.ASP.NET.part1.rar http://nitroflare.com/view/E03C9047EE27A01/j1h5i.OWASP.Top.10.Web.Application.Security.Risks.for.ASP.NET.part2.rar http://nitroflare.com/view/696DC0C0DEACC50/j1h5i.OWASP.Top.10.Web.Application.Security.Risks.for.ASP.NET.part3.rar http://nitroflare.com/view/21FF77F78B3CDF9/j1h5i.OWASP.Top.10.Web.Application.Security.Risks.for.ASP.NET.part4.rar https://uploadgig.com/file/download/70bc32310d40527e/j1h5i.OWASP.Top.10.Web.Application.Security.Risks.for.ASP.NET.part1.rar https://uploadgig.com/file/download/Acf41a459a67e0A5/j1h5i.OWASP.Top.10.Web.Application.Security.Risks.for.ASP.NET.part2.rar https://uploadgig.com/file/download/1AdD92aa1d3b7a41/j1h5i.OWASP.Top.10.Web.Application.Security.Risks.for.ASP.NET.part3.rar https://uploadgig.com/file/download/eAd875E823786444/j1h5i.OWASP.Top.10.Web.Application.Security.Risks.for.ASP.NET.part4.rar http://uploaded.net/file/2j5w3vxv/j1h5i.OWASP.Top.10.Web.Application.Security.Risks.for.ASP.NET.part1.rar http://uploaded.net/file/tjw2gam2/j1h5i.OWASP.Top.10.Web.Application.Security.Risks.for.ASP.NET.part2.rar http://uploaded.net/file/z7wx4mtc/j1h5i.OWASP.Top.10.Web.Application.Security.Risks.for.ASP.NET.part3.rar http://uploaded.net/file/01uk9hxy/j1h5i.OWASP.Top.10.Web.Application.Security.Risks.for.ASP.NET.part4.rar Links are Interchangeable - No Password - Single Extraction

Tutsplus : PHP OWASP Security 2 hours | English | .MP4 | h264, yuv420p, 1280x720, 25 fps® | aac, 44100 Hz, stereo | 1.24 GB Genre: E-learning | Michael Soileau The OWASP Top Ten is a list of the ten most critical web application security flaws that researchers have found in the wild, ranked by level of threat. This list has been compiled by security experts from all around the world. The OWASP Top Ten is a resource that web developers use to look for known vulnerabilities, exploits and counter-measures. PHP has its own unique set of exploits, but it also has built-in functions and methods to deal with those exploits. In this course, Tuts+ instructor Michael Soileau will demonstrate examples of the attacks in the OWASP Top Ten, and will teach you how to harden your site and defend against each one of them. http://rapidgator.net/file/372600b4e0f6f0e0241bd731e8a5cded/8y7c1.Tutsplus..PHP.OWASP.Security.part1.rar.html http://rapidgator.net/file/b23cb45752f3e65d8336d877e7773416/8y7c1.Tutsplus..PHP.OWASP.Security.part2.rar.html http://rapidgator.net/file/ae243a5466b9b17e5c7aeb7425f50f07/8y7c1.Tutsplus..PHP.OWASP.Security.part4.rar.html http://rapidgator.net/file/fa640c95e3bcd2fdd58dad1e179e8469/8y7c1.Tutsplus..PHP.OWASP.Security.part3.rar.html http://rapidgator.net/file/69e8fa182bdcef228d26995b05213bd9/8y7c1.Tutsplus..PHP.OWASP.Security.part5.rar.html http://www.nitroflare.com/view/D8E6BD5D85131C0/8y7c1.Tutsplus..PHP.OWASP.Security.part1.rar http://www.nitroflare.com/view/11E43DD184D5C3A/8y7c1.Tutsplus..PHP.OWASP.Security.part2.rar http://www.nitroflare.com/view/0493CACF8F46AD3/8y7c1.Tutsplus..PHP.OWASP.Security.part3.rar http://www.nitroflare.com/view/A65C7505BD49C71/8y7c1.Tutsplus..PHP.OWASP.Security.part4.rar http://www.nitroflare.com/view/25DA4060AA1E4B7/8y7c1.Tutsplus..PHP.OWASP.Security.part5.rar http://uploaded.net/file/ur57g5ry/8y7c1.Tutsplus..PHP.OWASP.Security.part1.rar http://uploaded.net/file/0n1i6gwl/8y7c1.Tutsplus..PHP.OWASP.Security.part2.rar http://uploaded.net/file/gy4hjof2/8y7c1.Tutsplus..PHP.OWASP.Security.part3.rar http://uploaded.net/file/1uxiw8h7/8y7c1.Tutsplus..PHP.OWASP.Security.part4.rar http://uploaded.net/file/w6juoovs/8y7c1.Tutsplus..PHP.OWASP.Security.part5.rar http://www.uploadable.ch/file/ZVzXFRNvganJ/8y7c1.Tutsplus..PHP.OWASP.Security.part1.rar http://www.uploadable.ch/file/5ZuymJHN5YVZ/8y7c1.Tutsplus..PHP.OWASP.Security.part2.rar http://www.uploadable.ch/file/J65MN5AEtabJ/8y7c1.Tutsplus..PHP.OWASP.Security.part3.rar http://www.uploadable.ch/file/FqkgNVYMayE7/8y7c1.Tutsplus..PHP.OWASP.Security.part4.rar http://www.uploadable.ch/file/knre6hyvRgeT/8y7c1.Tutsplus..PHP.OWASP.Security.part5.rar

Tutsplus - PHP OWASP Security With Michael Soileau 2 hours | English | .MP4 | h264, yuv420p, 1280x720, 25 fps® | aac, 44100 Hz, stereo | 1.24 GB Genre: E-learning | Michael Soileau The OWASP Top Ten is a list of the ten most critical web application security flaws that researchers have found in the wild, ranked by level of threat. This list has been compiled by security experts from all around the world. The OWASP Top Ten is a resource that web developers use to look for known vulnerabilities, exploits and counter-measures. PHP has its own unique set of exploits, but it also has built-in functions and methods to deal with those exploits. In this course, Tuts+ instructor Michael Soileau will demonstrate examples of the attacks in the OWASP Top Ten, and will teach you how to harden your site and defend against each one of them. Download From Uploaded http://uploaded.net/file/79b90auq/PHPOWASPSecurity.part1.rar http://uploaded.net/file/scg758ku/PHPOWASPSecurity.part2.rar http://uploaded.net/file/zt5ed38d/PHPOWASPSecurity.part3.rar http://uploaded.net/file/nxx2epjx/PHPOWASPSecurity.part4.rar http://uploaded.net/file/niujx7fe/PHPOWASPSecurity.part5.rar Download From NitroFlare http://www.nitroflare.com/view/5D59708967CA03F/PHPOWASPSecurity.part1.rar http://www.nitroflare.com/view/2C040A3B0BC6F40/PHPOWASPSecurity.part2.rar http://www.nitroflare.com/view/B22DB6672DADFEF/PHPOWASPSecurity.part3.rar http://www.nitroflare.com/view/02B11413BA1DEF2/PHPOWASPSecurity.part4.rar http://www.nitroflare.com/view/DC194F80577F333/PHPOWASPSecurity.part5.rar Download From Rapidgator http://rapidgator.net/file/bbcabf5a0317a1e1dc694dbc653ff2cd/PHPOWASPSecurity.part1.rar.html http://rapidgator.net/file/709365d98df65996d2365bbb6501ea11/PHPOWASPSecurity.part2.rar.html http://rapidgator.net/file/c215e604e5474988a36468fec7ab863f/PHPOWASPSecurity.part3.rar.html http://rapidgator.net/file/5b26c8d5bf6cf428f9ab410db41abd0c/PHPOWASPSecurity.part4.rar.html http://rapidgator.net/file/999b5322726af7d955d4f4a6bbec7b92/PHPOWASPSecurity.part5.rar.html

Pluralsight - Web Security and the OWASP Top 10: The Big Picture English | 2h 3m | AVC (.mp4) 1024x768 15fps | AAC 48KHz 2ch | 269 Mb Genre: eLearning OWASP Top 10 "The Big Picture" is all about understanding the top 10 web security risks we face on the web today in an easily consumable, well-structured fashion that aligns to the nuMber one industry standard on the topic today. Security on the web is becoming an increasingly important topic for organisations to grasp. Recent years have seen the emergence of the hacktivist movement, the increasing sophistication of online career criminals and now the very real threat posed by nation states compromising personal and corporate security. The Open Web Application Security Project gives us the OWASP Top 10 to help guide the secure development of online applications and defend against these threats. This course takes you through a very well-structured, evidence-based prioritisation of risks and most importantly, how organisations building software for the web can protect against them. DOWNLOAD http://rapidgator.net/file/682728e10245b876b4b983771754c3b8/OWASP.part1.rar.html http://rapidgator.net/file/9a308aedeb92cd1db0a01bed7671bac1/OWASP.part2.rar.html http://rapidgator.net/file/00e877a87e9715bce14f72aaac3c7ef5/OWASP.part3.rar.html http://uploaded.net/file/8fyz035h/OWASP.part1.rar http://uploaded.net/file/foe1yhtr/OWASP.part2.rar http://uploaded.net/file/we1shui0/OWASP.part3.rar http://www.uploadable.ch/file/c5xmZ9Y7Nhuh/OWASP.part1.rar http://www.uploadable.ch/file/fuCvQsS9CbqN/OWASP.part2.rar http://www.uploadable.ch/file/uCVkdZWjyZQg/OWASP.part3.rar