What can be implemented as a practice for a diploma in web application security?

K

KarolLun2017-04-24 14:56:12

Information Security

KarolLun, 2017-04-24 14:56:12

Good day.
I want to choose web application security as a WRC. Mb any of you are familiar with this subject. Can you suggest interesting materials in this area: resources, articles, books or webinars, or other resources that have helped you?
And also what can be considered as practice for work in order to start studying in advance?

Reply

Answer the question

In order to leave comments, you need to log in

2 answer(s)

C

cssman, 2017-04-24
@KarolLun

About practice: penetration testing of a web application using owasp top10.
In general, it is possible to combine web applications with ITU, in the information security market in the Russian Federation - quite a current trend, now Russian vendors have begun to actively write their waffles under tracing paper from Western ones or simply substitute their graphical shell :)
But it's best to consult with your researcher.

D

D3lphi, 2017-04-24
@D3lphi

Google articles on the following topics (fortunately, there are a lot of them on the Internet):

SQL - injections and application protection from them.
Password hashing. What, how and why.
CSRF attacks and protection against them.
XSS attacks and protection against them.
Protecting the session of users authenticated in the application.
Cookie theft prevention.
HTTPS, SSL, TLS.