CPEG 470/670 Section 10

CISC 472 Section 10

Web Applications Security

Fall 2024


Meeting Time and Place

Section 10

Lecture: MWF 9:10 - 10:05 in Willard Hall 006


Instructors

Andrew Novocin

Email: andynovo@udel.edu

Office Hours: F 10:05am - 11:15am and W 3-4 in Evans 132 (collaboration hub)

Fridays 3-5 we'll do CTF competitions in the iSuites (Evans Cyber Range)

CTF team will compete most weekends

Course DISCORD: https://discord.gg/gt96HGcFE6

Connect via our CTF DISCORD: https://discord.gg/fSdDd8N (you'll be in jail until I give you member status)


Important Links:

The course notes index page!

I try to add a new, thematic flag for each set of notes

Web KATAs for self-paced learning

Mastery Tasks and suggested schedule for Project 1: Make 3 To-Do Apps each in a different stack with basic CRUD functionality (Due: October 23rd)

Mastery Tasks and suggested schedule for Project 1.5: Security Report hacking another student's apps (Due: Nov 6th)

Mastery Tasks and suggested schedule for Project 2 (Due: In place of our final)

OWASP website

Project Submission Format/Instructions

Course recordings from THIS SEMESTER

Course recordings from Fall 2023

Course recordings from Fall 2022


Materials


Meta-Cognition

This is a field that is always moving and widespread. When you work with a client or at a new position, their stack will always be a little different. Don't mistake knowing the specific tools or language for the required skills. Your job is Just-In-Time learning of whatever you need. The job is to be the sort of person who says, "Yeah, I'll solve it," regardless of the stack.

The course takes a shotgun approach: you won't master everything, but you should concentrate on learning how to learn in this domain.

Super powers from this course:


Grading/Assessment

Old Notes:

Just put "/fall2023" or "/fall2022" at the end of the URL