This course explores design flaws that lead to security vulnerabilities in our pastebin application—from insecure credential recovery to flawed business logic and missing audit trails.
Overview
Syllabus
- Unit 1: Introduction to Insecure Design
- Unit 2: Securing Password Recovery
- Brute-Force Attack on Password Recovery Endpoint
- Implementing Secure Email-Based Password Recovery
- Implement Password Reset Endpoint
- Implementing Secure Token Generation with SHA-256 Hashing
- Unit 3: Securing Review Submissions
- Demonstrating Bot Attack on Vulnerable Review System
- Implementing Rate Limiting for Review Submission Protection
- Implementing Email Verification for Review Submissions
- Implement Email Verification Endpoint
- Unit 4: Snippet Quota Management
- Exploiting Storage with a Single Large Snippet
- Implementing Maximum Snippet Size Validation
- Implementing User Storage Quota Management
- Unit 5: Implementing Audit Trails
- Implementing Audit Logging for User Updates
- Implement User Audit Trail Query Endpoint
- Testing User Updates and Audit Trail Retrieval
Related Courses
Related Articles
-
[2026] Unlock 2000+ Free Certificates: Master Tech & Soft Skills with CodeSignal Learn
-
Become a Supercommunicator: Practical Skills for Better Conversations
-
CodeSignal – The Duolingo of Coding Practice
-
9 Best Bug Bounty Courses for 2026: Ethical Hacking, Safer Web
-
6 Best Courses on Kali Linux in 2026
-
6 Best Malware Analysis Courses for 2026
