Prevent Website Attacks

Scripting Attacks

This free project is part of the liveProject series Develop Secure Java Applications to Prevent Website Attacks.

prerequisites: beginner Java
skills learned: handling text from untrusted sources • safely logging untrusted data • working with encoded data

Philip Kulp

1 week · 6-8 hours per week · BEGINNER

filed under

Development

placing your order...

Don't refresh or navigate away from the page.

liveProject

$19.99

liveProject This free project is part of the liveProject series Develop Secure Java Applications to Prevent Website Attacks. liveProjects give you the opportunity to learn new skills by completing real-world challenges in your local development environment. Solve practical problems, write working code, and analyze real data—with liveProject, you learn by doing. explore series

This free project is part of the liveProject series Develop Secure Java Applications to Prevent Website Attacks. explore series

Check your email for instructions on accessing Scripting Attacks (liveProject)

continue shopping

go to cart

customers also bought these items

add to cart

Look inside

In this liveProject, you’ll tackle risks caused by unsafe input and output handling in your application. These bugs can make your application vulnerable to reflected and stored attacks such as Cross-Site Scripting (XSS). You’ll identify insecure code and develop fixes to securely handle inputs from untrusted sources, safely manage your encoded data, and avoid unsafe calculations with numeric data types. You will be provided with resource material to identify the problems and will replace the vulnerable Java with secure code to protect against attacks.

project author

Philip Kulp

Dr. Philip Kulp has been consulting in cybersecurity for over 20 years, and working in IT for over 25 years. He currently works as a cybersecurity architect and incident responder, developing realistic approaches to securing enterprise. He also serves as a secure code reviewer, independent assessor, web application tester, and as an adjunct professor at Drexel University. He is an author and conference speaker on various cyber topics such as medical drone delivery, identifying malicious websites based on linking, and more.

prerequisites

This liveProject is designed to be accessible to Java programmers of all skill levels. To begin this liveProject you will need to be familiar with:

TOOLS

Experience with either Eclipse IDE or IntelliJ IDEA

TECHNIQUES

RegEx for search and replace

you will learn

In this liveProject, you’ll learn secure coding techniques that you can apply to future code you write or review.

Handling text from untrusted sources
Safely logging untrusted data
Working with encoded data
Avoiding unsafe calculations with numeric data types
RegEx and string filtering

features

Self-paced: You choose the schedule and decide how much time to invest as you build your project.
Project roadmap: Each project is divided into several achievable steps.
Get Help: While within the liveProject platform, get help from other participants.
Compare with others: For each step, compare your deliverable to the solutions by the author and other participants.