Course Description
OWASP Top 10 list items 8 and 3 include cross-site attacks, which are very common exploits in modern web applications.
Learning Objectives
OWASP A8 and A3: Cross-site Attacks
- start the course
- explain what Cross-site Request Forgery (CSRF) is
- exploit CSRF and identify what kind of access is needed to exploit it
- detect CSRF and recognize how common it is
- list the technical and business impacts of CSRF
- provide examples of CSRF attacks
- describe what Cross-site Scripting (XSS) is
- exploit XSS and identify what kind of access is needed to exploit it
- detect XSS and recognize how common it is
- list the technical and business impacts of XSS
- provide examples of XSS attacks
- review an XSS attack
Practice: Cross-site Attacks
- describe how CSRF and XSS can be exploited by an attacker