Description

In this codecast series, we will develop a basic web app using Python. But each time we add a feature, we unwittingly introduce a vulnerability! We then show how an attacker would find and exploit the vulnerability, and finally, how to patch the vulnerability. So the formula for a cast is:

• Introduce a feature to our app (but with sloppy, insecure code)
• Hack the app, using the vulnerability introduced via the new feature
• Patch the vulnerability, show how to code it the ‘right’ way

This process mirrors the normal process of adding any feature to a commercial application: a junior dev implements a feature, a review finds issues, and a more senior dev helps the junior implement the feature correctly.

• 1. Web Security with Python
  • Web Security with Python | Introduction

    2:30

  • Web Security with Python | Path Traversal with Python

    16:49

  • Web Security with Python | Setting Up Your Environment

    14:18

  • Web Security with Python | GET query (in)security

    12:13

  • Web Security with Python | Defacing pages with CSS Injection

    13:49

  • Web Security with Python | Command Injection

    10:54

  • Stored XSS using SVG

    10:21

  • Web Security with Python | Python 2 is Not Your Friend

    9:37

  • Web Security with Python | Denial of Service

    22:51

  • Web Security with Python | Insecure Direct Object References

    10:39

  • Web Security with Python | Server Side Request Forgery

    27:19

  • Web Security with Python | Never Roll Your Own Crypto

    10:31

  • Web Security with Python | Secure Logging

    15:52

  • Web Security with Python | Dictionary Attack

    15:53