In this liveProject, you’ll tackle the kind of file upload vulnerabilities that allow attackers to upload huge amounts of junk data, overwrite existing files, or even deploy a virus. It is vitally important to test and validate the file upload capabilities in your API implementations. You’ll investigate the bugs that might be causing these issues, and then apply a code-level fix.
This liveProject was implemented by Natan Streppel.
This project is designed for learning purposes and is not a complete, production-ready application or solution.
Prerequisites
This liveProject is for Java programmers familiar with basic REST API development. To begin this project, you will need to be familiar with:
TOOLS
- Intermediate level Java (classes, objects)
- Basics of Spark (GET and POST handlers)
- Basics of SQL and JDBC (how to read SQL and perform queries)
- Basics of Linux and performing commands from the command line
- Java IDEs such as Eclipse or IntelliJ IDEA
- Testing APIs, using Postman
- Gradle
- Docker
- Git
TECHNIQUES
- Basic Debugging
- Code Reviews
- Code Refactoring
- Unit Testing
You will learn
In this series of liveProjects, you’ll learn about common code-level vulnerabilities, along with fixes and verification methods.
- Setting up the environment to run a reference API implementation using Java Spring
- Testing the functionality of a reference API implementation using Postman
- Identifying implementation vulnerabilities
- Fixing Java code to remediate vulnerabilities
- Retesting code for functionality using Postman