Prevent Website Attacks

Session Hijacking you own this product

This project is part of the liveProject series Develop Secure Java Applications to Prevent Website Attacks
prerequisites
beginner Java
skills learned
securely handle untrusted form data • evaluate uploaded files • safely handle sending cookies, headers, and redirects
Philip Kulp
1 week · 6-8 hours per week · BEGINNER
Included with a Manning Online subscription
try now

pro $24.99 per month

  • access to all Manning books, MEAPs, liveVideos, liveProjects, and audiobooks!
  • choose one free eBook per month to keep
  • exclusive 50% discount on all purchases

lite $19.99 per month

  • access to all Manning books, including MEAPs!

team

5, 10 or 20 seats+ for your team - learn more

Look inside
In this liveProject, you’ll write secure Java code for handling potentially untrusted data in web applications. You’ll build systems that can protect against data from web app forms; safely handle cookies, headers and redirects; and set up secure authentication mechanisms. Finally, you’ll manage your third-party libraries and identify potential vulnerabilities using Software Composition Analysis (SCA). Insecure third-party libraries can add vulnerabilities to your otherwise secure application and have been used in several recent real-world compromises.
This project is designed for learning purposes and is not a complete, production-ready application or solution.

book resources

When you start your liveProject, you get full access to the following books for 90 days.

project author

Philip Kulp
Dr. Philip Kulp has been consulting in cybersecurity for over 20 years, and working in IT for over 25 years. He currently works as a cybersecurity architect and incident responder, developing realistic approaches to securing enterprise. He also serves as a secure code reviewer, independent assessor, web application tester, and as an adjunct professor at Drexel University. He is an author and conference speaker on various cyber topics such as medical drone delivery, identifying malicious websites based on linking, and more.

prerequisites

This liveProject is designed to be accessible to Java programmers of all skill levels. To begin this liveProject you will need to be familiar with:

TOOLS
  • Experience with either Eclipse IDE or IntelliJ IDEA
TECHNIQUES
  • RegEx for search and replace
  • Working with Java servlets

you will learn

In this liveProject, you’ll learn secure coding techniques that you can apply to future code you write or review.

  • Securely handle untrusted form data
  • Evaluate uploaded files
  • Safely handle cookies, headers, and redirects
  • Avoid Cross Site Request Forgery (CSRF) attacks
  • Protect authentication mechanisms
  • Create secure JSON Web Tokens (JWT)

features

Self-paced
You choose the schedule and decide how much time to invest as you build your project.
Project roadmap
Each project is divided into several achievable steps.
Get Help
While within the liveProject platform, get help from other participants and our expert mentors.
Compare with others
For each step, compare your deliverable to the solutions by the author and other participants.
book resources
Get full access to select books for 90 days. Permanent access to excerpts from Manning products are also included, as well as references to other resources.

choose your plan

pro

monthly
annual
$24.99
$249.99
only $20.83 per month
  • access to all Manning books, MEAPs, liveVideos, liveProjects, and audiobooks!
  • choose another free product every time you renew
  • choose twelve free products per year
  • exclusive 50% discount on all purchases
  • Session Hijacking project for free

team

monthly
annual
$49.99
$499.99
only $41.67 per month
  • five seats for your team
  • access to all Manning books, MEAPs, liveVideos, liveProjects, and audiobooks!
  • choose another free product every time you renew
  • choose twelve free products per year
  • exclusive 50% discount on all purchases
  • Session Hijacking project for free