Class Central is learner-supported. When you buy through links on our site, we may earn an affiliate commission.

YouTube

Node.js Application Insecurity - OWASP AppSec California 2015

OWASP Foundation via YouTube

Start learning Write review
Coursera Ad

Gain a Splash of New Skills - Coursera+ Annual Nearly 45% Off

Learn More → Scrimba Ad

Our career paths help you become job ready faster

Learn More →

Overview

Coursera Flash Sale
40% Off Coursera Plus for 3 Months!
Grab it
Explore Node.js application security vulnerabilities and best practices in this OWASP AppSec California 2015 conference talk. Dive into various security categories, including cross-site scripting, code escaping, and query language vulnerabilities. Learn about the importance of prepared statements, proper header usage, and the dangers of eval() functions. Examine GitHub examples, tips for generating secure random numbers, and potential issues with the Buffer class. Gain insights into common pitfalls, such as buffer overflows and allocation problems, to enhance your Node.js application security knowledge.

Syllabus

Intro
Agenda
Not chance
Target audience
What is NoDot
Why NoDot
Frameworks
Categories
Crosssite scripting
escaping code
escape modules
secret section
user input
query language
use prepared statements
portrait protection
false opening
headers
classic
eval
exit method
GitHub example
Tips
Record diversity
Not my test
Random numbers
Random bytes
Pseudorandom
Rocket
Stupid Dancer
Im tutoring area
Openness
Documentation
The problem
Honey success
Buffer class
Buffer
ReadWrite
Buffer Overflow
Watch out allocations
Summary
Conclusion

Taught by

OWASP Foundation

Reviews

Start your review of Node.js Application Insecurity - OWASP AppSec California 2015

Start learning

Never Stop Learning.

Get personalized course recommendations, track subjects and courses with reminders, and more.

Sign up for free
Someone learning on their laptop while sitting on the floor.