Overview
Master advanced security techniques with TypeScript. Explore SSRF exploitation, penetration testing methodology, and automated scanning with OWASP ZAP and Nuclei. Build SAST pipelines and layered defenses against sophisticated attack chains in real-world applications.
Syllabus
- Course 1: Server-Side Request Forgery (SSRF)
- Course 2: Web Application Penetration Testing Basics
- Course 3: Implementing SAST in Node.js Applications
- Course 4: Automated DAST with OWASP ZAP and Nuclei
Courses
-
This course explores Server-Side Request Forgery vulnerabilities where attackers trick the server into making unintended requests. You'll learn how to exploit SSRF in our pastebin application's URL import, webhook, and preview features, then implement robust defenses.
-
This course teaches practical penetration testing methodology using the pastebin as a target. You'll learn reconnaissance, vulnerability discovery, and exploitation using CLI tools like Nmap, mitmproxy, ffuf, and curl.
-
This course teaches static code analysis to find security vulnerabilities before deployment. You'll use ESLint, Semgrep, and other CLI tools to analyze the pastebin source code and create custom detection rules.
-
This course teaches dynamic security testing of the running pastebin application. You'll use OWASP ZAP, Nuclei, and other CLI tools to discover runtime vulnerabilities that static analysis cannot find, and integrate these scans into CI/CD pipelines.