Web Security & Ethical Hacking
Understand how attacks work so you can defend against them. OWASP Top 10, SQL injection, XSS, CSRF, JWT attacks, authentication, secrets management, threat modelling, and penetration testing basics.
What you'll learn
Course Contents
23 lessons · 12h 30m
Web Security Fundamentals — How the Web Gets Attacked
HTTPS & TLS — What Actually Happens in the Handshake
OWASP Top 10 — Every Vulnerability Explained
SQL Injection — How It Works and How to Stop It
XSS — Cross-Site Scripting Prevention
CSRF — Cross-Site Request Forgery Protection
Authentication vs Authorisation — The Core Difference
Password Hashing — bcrypt, Argon2, and Why It Matters
JWT Deep Dive — Signing, Verification & Common Mistakes
OAuth 2.0 Flows — Which One to Use and When
RBAC vs ABAC — Role and Attribute Based Access Control
API Security Checklist — 20 Controls for Production APIs
Web Security: OWASP Top 10 in .NET (Practical)
Security Middleware & Headers in ASP.NET Core
Fix CORS & Add Security Headers in .NET
Secrets Management — Vault, Azure Key Vault & .env Done Right
Zero Trust Architecture — Never Trust, Always Verify
Supply Chain Security — Dependency Attacks & SBOM
GDPR for Developers — What You Must Actually Implement
Threat Modelling — STRIDE and How to Use It
Penetration Testing Basics — What Pentesters Actually Do
Security Interview Prep — Junior to Mid Level
Security Interview Prep — Senior & Architect Level