ASP.NET Core Security. Novice to Consecrated
What you'll learn
- Learn about ASP and .NET built-in security mechanisms
- Enforce Transport Layer Security and HSTS to prevent network sniffing
- Write code in Razor syntax to prevent malicious script implant injection
- Familiarize yourself with the GET and POST methods of the Hypertext Transfer Protocol (HTTP)
- Familiarize yourself with Web Parameter Tampering and Overposting attacks
- Create a good user password policy for the application
- Familiarize yourself with Cross-Site Request Forgery (CSRF/XSRF) attacks
- Learn what an Open Redirect vulnerability is
- Simulate a Path Traversal attack scenario in a laboratory environment
- Create honeypot traps in a web app to mislead unethical hackers
- Use serialization and deserialization mechanisms wisely
- Learn about the Forced Browsing technique
Requirements
- You should have a basic understanding of C# language syntax
- You should be able to download and run a sample ASP and .NET project in Visual Studio
Description
Welcome to the ASP.NET Core Security course for .NET 7 and newer!
These materials cover essential knowledge about ASP.NET built-in protection mechanisms. We will also learn to think like a hacker, which is our first step towards defensive programming and increased security of the applications we create. In the laboratory we will use a sample application built in ASP.NET technology, with various vulnerabilities, to simulate attack scenarios and run other experiments.
When you look at the course length, you can see that these materials are concentrated knowledge.
We learn how to enforce Transport Layer Security encryption to protect against network traffic sniffing. Next we look at sharp Razor syntax and how it protects us from malicious implant injection. Then we return to fundamentals like the GET and POST methods of HTTP and how to create more secure controller actions in ASP and .NET technology.
Most of the lectures involve ethical hacking of our vulnerable sample application.
We will experiment with:
- Parameter Tampering
- Overposting Attack
- Password Policy
- Cross-Site Request Forgery (CSRF/XSRF)
- Open Redirect Attack
- Path Traversal Attack
- Honeypot Example
- Insecure Deserialization
- Forced Browsing Technique and more!
Enable Closed Captions (CC) for better accessibility and here we go!
Do not forget that you have my online technical assistance.
Who this course is for:
- Students learning ASP who want to focus on the security of their apps
- Students bored with creating a basket for e-commerce web apps
- Future cybersecurity specialists
- Beginner ASP and .NET developers
Instructor
Free assistance with code and technical support guaranteed when learning from my educational materials. Please use Udemy Questions and Answers or write an e-mail.
Fascinated with cybersecurity. Friend of animals. Ex-vaper, quit nicotine vaping in December 2020. Addicted to writing educational code samples, tools and technical texts.
I am open to help and share what I have learnt. I produce tools and educational materials for schools, colleges, novice ethical hackers and future cybersecurity professionals. My vision is to provide high quality computer programs, source code and educational materials. I follow my vision in an ethical, lawful and responsible way.
Master's degree with thesis: Shellcode/payload generator for Windows x64. Engineer's degree with project: Technologies of creating and defending from malware.