Course Description

Cross Site Scripting is one of the most common security flaws found in web applications. This course will provide an introduction to the vulnerability and recommendations on how to protect against it.

This course focuses on ensuring that you will have a solid understanding of cross site scripting and how it affects your applications and business.

On this journey, we will walk through what cross site scripting is. We will then take a look at different aspects of mitigating cross site scripting and potential limitations to each one.

After completing this journey, you should have a solid understanding of cross site scripting and feel comfortable addressing it.

Application Security Professional

James Jardine

James Jardine is the CEO of Jardine Software Inc. He started his career as a developer, working on all types of projects across web, mobile, and desktop. James has spent the last 7 years focusing on application security. His over 15 years of combined experience provide unique insight into both development and security for applications. James has presented and trained at Derbycon, Blackhat, Infosecworld, Hacker Halted and many others. He was previously an author and instructor at the SANS Institute, where he taught the Secure Coding in .Net course.

Course curriculum

  • 1. Cross Site Scripting

    • Introduction to Injection Attacks

    • Untrusted Data

    • Cross Site Scripting in Detail

    • Demo - Cross Site Scripting

    • Walkthrough - Output Encoding

    • Walkthrough - Content Security Policy

    • Walkthrough - X-XSS-PROTECTION Header

    • Walkthrough - BeEF

    • Walkthrough - Attribute XSS