Node.js Security: Pentesting and Exploitation – NJS

$65.00 $35.00

Node.js® is a platform built on Chrome’s JavaScript runtime for easily building fast, scalable network applications. This new technology is widely getting adopted in various organisations. Like any platform, Node.js has it’s on set of features that developers blindly use without much thought on security. The heart of Node is JavaScript, so it inherits most of the issues that are found at client side JavaScript. However on the server side, it executes on V8 JavaScript engine which gives node the capabilities similar to that of any other server side scripting languages. That difference adds some unique attack surface to Node.js platform. Node.js Security: Pentesting & Exploitation course is one it’s kind to teach about Node.js Security.

Description

Node.js® is a platform built on Chrome’s JavaScript runtime for easily building fast, scalable network applications. This new technology is widely getting adopted in various organisations. Like any platform, Node.js has it’s on set of features that developers blindly use without much thought on security. The heart of Node is JavaScript, so it inherits most of the issues that are found at client side JavaScript. However on the server side, it executes on V8 JavaScript engine which gives node the capabilities similar to that of any other server side scripting languages. That difference adds some unique attack surface to Node.js platform. Node.js Security: Pentesting & Exploitation course is one it’s kind to teach about Node.js Security.

What are the requirements?

  • Fundamentals of Web Applications
  • How to write and run a simple Node.js application

What am I going to get from this course?

  • Over 14 lectures and 1 hour of content!
  • Learn how to do the Security Certification of Node.js Application
  • Learn how to build a secure Node.js Application
  • Learn how things can go wrong in Node.js
  • Learn to find security issues in Node.js Applications
  • Learn how to exploit the issues for PoC

What is the target audience?

  • Web Developers
  • Web Application Pentesters
  • Security Engineers
  • Web Application Security Consultants
  • Web Security Enthusiasts
  • Hackers
  • Students
  • Web Application Designers

Curriculum

Section 1: Introduction

1.Node.js Security: Pentesting and Exploitation – Overview
2. Introduction to Node.js

Section 2: Node.js Security Issues

3. Global Namespace Pollution
4. HTTP Parameter Pollution (HPP)
5. Remote Code Execution with eval()
6. Remote OS Command Execution
7. Attacks due to Untrusted user input
8. Regex DoS

Section 3: Information Disclosure

9. Information Disclosure in Node.js Web Applications

Section 4: Secure Coding

10. Lack of Secure Code in Node.js

Section 5: Code Review

11. How to do Code Review of a Node.js Application

Section 6: Automated Code Review

12. Automated Code Review of Node.js Application with NodeJsScan

Section 7:  Conclusion

13. Conclusion
14. Course Materials

Reviews

There are no reviews yet.

Be the first to review “Node.js Security: Pentesting and Exploitation – NJS”

Time limit is exhausted. Please reload CAPTCHA.