From the course: Ethical Hacking with JavaScript
Unlock the full course today
Join today to access over 22,600 courses taught by industry experts or purchase this course individually.
Security misconfiguration - JavaScript Tutorial
From the course: Ethical Hacking with JavaScript
Security misconfiguration
- [Instructor] Security misconfiguration usually occurs from a lack of proper settings in your application. Or, exposed information from the server side. And, they happen typically when a developer one, publishes the developer version of the server. This could open all kinds of settings for hackers to exploit, and also hinder the performance of your application. Number two, leave debugging on, or even worse, console log sensitive data in the client. From time to time, I test applications and sites I use often, and sometimes it's very easy to manipulate the data with a few scripts in the console. Be wary of this issue. Number three, use default logins and password. Example, admin login with an admin password. This happens a lot in the world of bloggers or many sites from templates. Always use complex passwords, or use a tool for managing your password. Number four, wide open folder, or code access due to improper restrictions and access controls. Every section of your application…
Practice while you learn with exercise files
Download the files the instructor uses to teach the course. Follow along and learn by watching, listening and practicing.
Contents
-
-
-
-
-
(Locked)
Injection threat2m 23s
-
(Locked)
Broken authentication1m 54s
-
(Locked)
Sensitive data1m 5s
-
(Locked)
XML external entities1m 6s
-
(Locked)
Security misconfiguration1m 29s
-
(Locked)
Insecure deserialization1m 10s
-
(Locked)
Components with known vulnerabilities1m 12s
-
(Locked)
Insufficient logging and monitoring1m 47s
-
(Locked)
-