CMPS 5443-370/4883-370: Web Applications Security

Summer semester 2012

Instructor: Dr. Nelson L. Passos
Office: Bolin Science Hall 126B
Office phone: 397-4129
E-mail: nelson.passos@mwsu.edu
Office Hours: MTWF  9:00 - 11:00 am
Class Hours: MTWR 5:00 - BO 320

Course Description:

Study of techniques used to protect the development of web applications from common hacker attacks. Includes an introduction to common web application development languages, such as HTML and PHP, and a brief overview of database access. It also includes basic aspects of cryptography and ethical problems related to web security.

Textbook:

The Web Application Hacker's Handbook, by Dafydd Stuttard and Marcus Pinto

Lecture Notes:

  • CMPS 5443-4883 part 1

  • CMPS 5443-4883 part 2  

  • CMPS 5443-4883 part 3

  • CMPS 5443-4883 part 4  

Tools:

XAMPP software

Tentative Agenda:

May 29 - Introduction to Web Applications and HTML
May 30 - Introduction to HTML forms and PHP
    Assignment # 1
May 31 - Introduction to Database SQL and PHP
Jun 1 - Introduction to JavaScript
    Assignment # 2
Jun 4 - Web security - defense mechanisms
Jun 5 - Web technologies - mapping applications
    Assignment # 3
    Programming Project
Jun 6 - Mapping applications
    Assignment # 4
Jun 7 - Bypassing client side controls
Jun 11 - Attacks on authentication
Jun 12 - Attacks on session management
Jun 13 - Attack on access controls
Jun 14 - Attacks on SQL
    Test # 1
Jun 18 - Back end vulnerabilities
Jun 19 - Application vulnerabilities
Jun 20 - Cross-site scripting
    Assignment # 5
Jun 21 - Cross-site scripting
Jun 25 - Attacking users
Jun 26 - Error messages
Jun 27 - Buffer overflow and other problems
    Test # 2
Jun 28 - Finals


Grading:

Tests: 20 % (each)
Project: 25 %
Assignments: 25 %
Class Participation: 10 %
