LTAT.04.013 Web Application Security
Course info
Responsible: Arnis Paršovs (arnis.parsovs@ UT)
Teaching assistant: Denizalp Kapisiz (denizalp.kapisiz@ UT)
Credits: 3 ECTS
Language: English
Assessment: differentiated (A, B, C, D, E, F, not present)
Lectures: Pre-recorded, every Saturday on Moodle by 23:59
Course Moodle: course link
General Information
In this course, we will cover common vulnerabilities and defense mechanisms for web applications according to OWASP guidelines. There will be weekly homework involving HTML5, JavaScript or PHP. Students are expected to have experience in web application development.
Grading
Final grade structure:
Homework: 70%
Final test: 30%
Schedule
0. Introduction
1. Web, HTTP protocol, HTTPS, Cookies
2. Cross-Site Scripting (XSS)
3. Cross-Site Request Forgery (CSRF)
4. Same-Origin Policy (SOP)
5. Authentication and Session Management
6. SQL Injection
7. Server-Side Vulnerabilities
8. Test