mean-stack

Angular Security MasterClass - Web Security Fundamentals Course

This course is currently ongoing development, please make sure to checkout the branch mentioned at the beginning of each course section.

In the end this master branch will contain the complete code of the course.

JavaScript Security Engineering Demo

Many examples are here, first of all for CSRF run this script without checkCsrfToken enabled, and redirect to the vulnerable CSRF form. Secondly, run this with checkCsrfToken enabled.

Regarding HS256/RS256 showcase generating JWT and its checks. Pay attention into very similar (just 1-2 characters difference in payload) header and payload, which means it's deterministic. Showcasing something probabilistic might be also an interesting use case.

For passwords - run hash.js and hash-salt.js showing for the same password without salt we're getting the same hash. For the same password with salt, we're getting always different hash.

Name		Name	Last commit message	Last commit date
parent directory ..
csrf		csrf
demos		demos
e2e		e2e
server		server
src		src
.editorconfig		.editorconfig
.gitignore		.gitignore
README.md		README.md
angular.json		angular.json
cert.pem		cert.pem
karma.conf.js		karma.conf.js
key.pem		key.pem
package-lock.json		package-lock.json
package.json		package.json
protractor.conf.js		protractor.conf.js
proxy.json		proxy.json
tsconfig.json		tsconfig.json
tslint.json		tslint.json

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

README.md

Angular Security MasterClass - Web Security Fundamentals Course

JavaScript Security Engineering Demo

FilesExpand file tree

mean-stack

Directory actions

More options

Directory actions

More options

Latest commit

History

mean-stack

Folders and files

parent directory

README.md

Angular Security MasterClass - Web Security Fundamentals Course

JavaScript Security Engineering Demo