This course explores design flaws that lead to security vulnerabilities in our pastebin application—from insecure credential recovery to flawed business logic and missing audit trails.
Syllabus
- Unit 1: Introduction to Insecure Design
- Unit 2: Insecure Credential Recovery with Q&A
  - Simple Dictionary Attack on Password Recovery
  - Password Recovery: Token Generation
  - Password Recovery: Reset Implementation
  - Improving the Cryptography
- Unit 3: Lack of Anti-Bot Verification in Review Submission
  - Simulating a Bot Attack
  - Implement Rate Limiting for Reviews
  - Enforce Email Verification for Reviews
  - Verify User Emails for Secure Reviews
- Unit 4: Flawed Business Logic in Snippet Quota Management
  - Exploiting Storage with One Request
  - Implement Snippet Size Validation
  - User Quota Management System
- Unit 5: Missing Audit Trails on User Modifications
  - Implementing Audit Logging for User Updates
  - Audit Trail Query Implementation
  - Audit Trail System in Action