Web Security and Privacy
1. Introduction to Web Security and Privacy
2. Core Web Technologies and Security Models
3. Client-Side Vulnerabilities
4. Server-Side Vulnerabilities
5. Cryptography in Web Security
6. Authentication and Authorization
7. Web Privacy
8. Secure Development Lifecycle
9. Advanced Web Security Topics
Client-Side Vulnerabilities
Cross-Site Scripting
Stored XSS
Reflected XSS
DOM-based XSS
XSS Payloads and Impact
Credential Theft
Session Hijacking
Defacement
Mitigation Strategies
Output Encoding
Contextual Output Encoding
Input Validation
Security Libraries
Cross-Site Request Forgery
CSRF Attack Mechanism
Exploiting User Authentication
Attack Prerequisites
Impact of CSRF
Unauthorized Actions
Data Manipulation
Mitigation Techniques
Anti-CSRF Tokens
Token Generation
Token Validation
SameSite Cookie Attribute
Strict Mode
Lax Mode
Limitations
Clickjacking
Attack Mechanism using Frames
Overlaying Malicious Content
Social Engineering Techniques
Mitigation
X-Frame-Options Header
DENY
SAMEORIGIN
ALLOW-FROM
Open Redirects
Exploitation Techniques
Impact on Phishing and Credential Theft
Prevention Strategies
DOM Clobbering
Mechanism of DOM Clobbering
Security Implications
Prevention Techniques