Node.js Security: Pentesting and Exploitation

520.00

Node.js® is a platform built on Chrome’s JavaScript runtime for easily building fast, scalable network applications. This new technology is widely getting adopted in various organisations. Like any platform, Node.js has it’s on set of features that developers blindly use without much thought on security. The heart of Node is JavaScript, so it inherits most of the issues that are found at client side JavaScript. However on the server side, it executes on V8 JavaScript engine which gives node the capabilities similar to that of any other server side scripting languages. That difference adds some unique attack surface to Node.js platform. Node.js Security: Pentesting & Exploitation course is one it’s kind to teach about Node.js Security.

 

HOMEPAGE – https://www.anonymz.com/…nodejs-security-pentesting-and-exploitation

 

Original Price: $65
Our Price: $6.99

Description

Size: 912 MB

What is the target audience?

  • Web Developers
  • Web Application Pentesters
  • Security Engineers
  • Web Application Security Consultants
  • Web Security Enthusiasts
  • Hackers
  • Students
  • Web Application Designers

Curriculum

Section 1: Introduction

1.Node.js Security: Pentesting and Exploitation – Overview
2. Introduction to Node.js

Section 2: Node.js Security Issues

3. Global Namespace Pollution
4. HTTP Parameter Pollution (HPP)
5. Remote Code Execution with eval()
6. Remote OS Command Execution
7. Attacks due to Untrusted user input
8. Regex DoS

Section 3: Information Disclosure

9. Information Disclosure in Node.js Web Applications

Section 4: Secure Coding

10. Lack of Secure Code in Node.js

Section 5: Code Review

11. How to do Code Review of a Node.js Application

Section 6: Automated Code Review

12. Automated Code Review of Node.js Application with NodeJsScan

Section 7:  Conclusion

13. Conclusion
14. Course Materials

Related products

  • Security , Shop

    eLearnSecurity – Threat Hunting Professional v2

    Course at a glance

    • Establish a proactive defense mentality
    • Hunt for threats in your organization’s systems and network
    • Use threat intelligence or hypotheses to hunt for known and unknown threats
    • Inspect network traffic and identify abnormal activity in it
    • Perform memory forensics using Redline, Volatility and a variety of tools to identify in-memory malware
    • Use tools such as Sysmon and …

    512.00

  • Security , Shop

    Antivirus Evasion Course By DedSec (In Hindi)

    Course Topic

    1. Introduction of AVS Crypters & Virus
    2. Bypass AVS Runtime using Based64 Technique
    3. Signature Cloning Bypassing Runtime
    4. Bypass Windows Defender For Lifetime
    5. Make your Stub Clean
    6. Manually Encrypting Virus using Algorithm
    7. Using Different Algorithm For Cleaning Virus
    8. Making FUD Virus Using C# And HEX
    9. Code Your Own Crypter
    10. Android Botnet

     

    HOMEPAGE – https://www.dedseec.com/product/antivirus-evasion-professional-course/

     

    Original Price: 2000
    Our Price: 370

    370.00

  • Security , Shop

    eLearnSecurity – Web Application Penetration Testing eXtreme v2

    Course at a glance

    • The most advanced course on Web App Pentesting
    • Based on techniques professional pentesters use
    • Master advanced Web Application attacks & security tools
    • In-depth Web Application Vulnerabilities analysis
    • Covers XSS, SQL Injection, HTML5 and much more
    • In-depth obfuscation and encoding techniques
    • Bypassing filters and WAF techniques included
    • Explore HTML5 and XML attacks vectors and exploits
    • Explore advanced …

    570.00

  • Security , Shop

    Penetration Testing Student v2 (eJPT)

    The hardest thing you will ever do in cybersecurity is to land your first job. There are HR gateways, industry jargon, and companies unwilling to hire new talent. To help combat these challenges, we have built a hands-on training path focused on the necessary skills to start your career.

    This certification covers Assessment Methodologies and Enterprise Auditing with Host, Network, and …

    820.00