In this liveProject, you’ll patch SQL injection vulnerabilities in your company’s bus ticket API. SQL injection is one of the most common ways of attacking a web application, and your challenges will include investigating this code-level vulnerability and applying a fix in the Java code. You’ll get experience using Postman to test your API’s functionality before and after applying your fix.
This liveProject was implemented by Natan Streppel.
he liveProject is for Java programmers familiar with basic REST API development. To begin this project you will need to be familiar with:
- Intermediate level Java (classes, objects)
- Basics of Spark (GET and POST handlers)
- Basics of SQL and JDBC (how to read SQL and perform queries)
- Basics of Linux and performing commands from the command line
- Java IDEs such as Eclipse or IntelliJ IDEA
- Testing APIs, using Postman
- Basic Debugging
- Code Reviews
- Code Refactoring
- Unit Testing
you will learn
In this series of liveProjects, you’ll learn how to spot common code-level vulnerabilities, along with fixes and verification methods.
- Setting up the environment to run a reference API implementation using Java Spring
- Testing the functionality of a reference API implementation using Postman
- Identifying the implementation vulnerabilities
- Fixing Java code to remediate vulnerabilities
- Retesting code for functionality using Postman
- You choose the schedule and decide how much time to invest as you build your project.
- Project roadmap
- Each project is divided into several achievable steps.
- Get Help
- While within the liveProject platform, get help from other participants.
- Compare with others
- For each step, compare your deliverable to the solutions by the author and other participants.