Training Course

OWASP: Avoiding Hacker Tricks

Browse All Courses > Security

Have a question while you're learning?

Get in-depth explanations, tips, further insights, and more from Certified Experts. Our experts are vetted industry professionals eager to help you learn from their experiences.

Course Syllabus(19 Lessons)

OWASP: Avoiding Hacker Tricks
Topic A: Introduction - Part 1
3 lessons26m 58s
Topic B: Know Your Threats - Part 1
3 lessons5m 17s
Topic C: Cross Site Scripting - Part 1
3 lessons13m 19s
Topic D: SQL Injection Attack - Part 1
3 lessons17m 48s

Course Description

We will begin this course with an introduction on building secure software, including how to explore the hacker mindset, understanding defense in depth, applying secure coding techniques, and threat modeling.

We will then discuss how to determine your threats, protect your assets, and use the Open Web Application Security Project. We will learn how to mitigate cross-site scripting, where the attacker injects unexpected characters and tags into a vulnerable input and fails to properly validate things.

Next, we will describe an SQL-injection attack, where the hacker is using specialized knowledge of how database and storage works, and makes use of special character sequences to inject code. Here, we will take a look at how SQL injection works and what we can do about it.

Lastly, we will cover insecure object reference attacks, where you depend on a predictable pattern for IDs. Hackers modify the URL and make requests to get unauthorized access to content. This will lead into integer overflow, where we make sure the results of calculations are validated before we assign values to variables.

Course Details

1h 23m 47s


Mike Benkovich
I deliver technical presentations around the U.S. as a consultant, trainer, and former Developer Evangelist for Microsoft. I have worked in a variety of professional roles, including architect, project manager, developer, and technical writer. I’m also an author of two books, published by WROX Press and APress, that show developers how to get the most from their SQL databases. Since appearing in the 1994 Microsoft DevCast, I have presented technical information at seminars, conferences, and corporate boardrooms across America.
Mike BenkovichPresenter, Trainer, Author, Instructor

Share Course

Ready to get started?