
In this lesson, we show the vulnerable website that we are going to use in the next three lessons. The objective of this lesson is to understand how the website works and how users can use it, before plunging into the attacks.
In this lesson, we demonstrate how attackers can execute a Stored XSS attack.
This lesson demonstrates how Reflected XSS can be executed by attackers.
In this lesson, we explore some of the techniques that are used to protect a website from XSS attacks.
Learners are expected to apply these techniques on the Target-Site, and to check whether Stored XSS and Reflected XSS attacks are deterred.
This video demonstrates how a SQL Injection attack (SQLI) can be executed by attackers. This lesson is a preparation for the next video, which shows how SQLI can be prevented.
This lesson shows the techniques that can be used to deter SQL Injection attacks. It highlights the principle of these techniques, and it demonstrates how they can be implemented.
This lesson paves the way to the next lessons by explaining Document NoSQL Databases.
This lesson demonstrates how attackers can exploit the vulnerability in the web application that we presented in the last lesson.
To try the attacks on your local machine, you can use the downloadable attachment of the last lesson. Please note that you will need to have a Document Database set up on your machine to try the source code.
This lesson shows how to prevent the NoSQL attack that we tried in the last lesson.
This video shows how Cross-Site Request Forgery can be executed by attackers.
There are two attachments with this lesson:
The Vulnerable Website
The Attacker's Website
This lesson shows how we can protect a website from CSRF attacks.
This lesson demonstrates the concept of Symmetric-Encryption using Stream-Ciphers. We will explain the One-Time-Pad, which is one of the most famous Stream-Cipher algorithms.
This lesson explains block ciphers and their modes of operation.
In this video, we explain how to implement Block-Ciphers in Java. We focus on the concepts, not the code syntax. This lesson helps learners understand how to implement Block-Ciphers in other programming languages.
This video gives an introduction to hashing algorithms, their applications and properties.
In this video, we explain how the MD5 algorithm works. This lesson is important because in the second part of this course, we will see the vulnerabilities in some hashing algorithms.
You can check the attached source code to see how MD5 can be implemented in Java.
In this lesson, we explain and demonstrate the brute force attack. The sample source code reuses the source code of the last lesson, with the addition of a bruteForce method.
This lesson explains the concept of a Dictionary Attack, which is a type of Brute Force Attack that uses a database of dictionary words instead of blindly trying all the possibilities.
This lesson explains how Rainbow Tables can be built, and how attackers use them to crack a password.
This lesson explains valuable techniques to mitigate the risks of hashing attacks. You will be expected to apply these techniques in your web applications.
This lesson explains the principle of Public-Key Cryptography, and why it is needed. Then, it gives an introduction to the RSA algorithm by explaining its mathematical formulas.
The attached code implements RSA in Java using small numbers and without using any library. This helps learners to grasp the concept, which is important for the next lessons.
This lesson explains the importance of RSA Padding, and why it adds more security to RSA.
This lesson explains why we need digital signing, and the logic to implement it.
The attached code is demonstrated in the video. Have fun and play with it.
This course helps software developers to understand the concepts of security in a comprehensive way, which enables them to write protected systems irrespective of the programming language or the frameworks they use.
Professional developers and system architects need to consider the security aspects of an application during the design phase of the software development life-cycle. This course is the first part of a Cybersecurity series. It elaborates the main concepts that make developers more competent in security design.