CMPS 5363-401/4663-401: Web Applications Security

Summer semester 2016

Instructor: Dr. Nelson L. Passos
Office: Bolin Science Hall 126B
Office phone: 397-4129
E-mail: nelson.passos@mwsu.edu
Office Hours: MTWF  9:00 - 11:00 am
Class Hours: MTWR 2:30 - BO 320

Course Description:

Study of techniques used to protect the development of web applications from common hacker attacks. Includes an introduction to common web application development languages, such as HTML and PHP, and a brief overview of database access. It also includes basic aspects of cryptography and ethical problems related to web security.

Textbook:

The Web Application Hacker's Handbook, 2nd ed., by Dafydd Stuttard and Marcus Pinto

Lecture Notes:

  • CMPS 5363-4663 part 1

  • CMPS 5363-4663 part 2  

  • CMPS 5363-4663 part 3

  • CMPS 5363-4663 part 4  

Tools:

  • XAMPP software

  • XAMPP tutorial

Tentative Agenda:

  • Jul 11 - Introduction to Web Applications and HTML
  • Jul 12 - Introduction to HTML forms and PHP
      Assignment # 1
  • Jul 13 - Introduction to Database SQL and PHP
  • Jul 14 - Introduction to JavaScript
      Assignment # 2
  • Jul 18 - Web security - defense mechanisms
  • Jul 19 - Web technologies - mapping applications
      Assignment # 3
      Project assignment
  • Jul 20 - Mapping applications
  • Jul 21 - Bypassing client side controls
      Assignment # 4
  • Jul 25 - Attacks on authentication
  • Jul 26 - Attacks on session management
  • Jul 27 - Attack on access controls
  • Jul 28 - Attacks on SQL
      Test # 1
  • Aug 1 - Back end vulnerabilities
  • Aug 2 - Application vulnerabilities
  • Aug 3 - Cross-site scripting
      Assignment # 5
  • Aug 4 - Cross-site scripting
  • Aug 8 - Attacking users
  • Aug 9 - Error messages
  • Aug 10 - Buffer overflow and other problems
      Test # 2
  • Aug 11 - Finals


Grading:

  • Tests: 20 % (each)
  • Project: 25 %
  • Assignments: 25 %
  • Class Participation: 10 %

