Topic outline

  • Salam, I am Noureddine Amraoui, Ph.D. 

    I am here to teach you Web Security and assist you all the way through this semester.  

    The official channel for publishing announcements and resources related to this course is the following Telegram group: https://t.me/+IRGQg8tLNIo4MmE0    

    You are also welcome to contact me by:
    ·        Telegram: @noureddine_amraoui
    ·        Email: noureddine.amraoui@univ-msila.dz.

    Objectives

    The objective of this course is twofold:
    ·        Through the course lectures, you will understand the technical concepts related to what makes the Web vulnerable and why, how such vulnerabilities can be exploited, and how they can be mitigated.
    ·        Through practice labs and assignments, you will get hands-on experience with web security best practices (such as the HTTPS protocol, encryption, hashing, authentication, session management, access control, etc.), as well as with how to conduct a penetration test against a web application.

    Prerequisites

    The students are assumed to have already taken the following courses:
    ·        L2: Web Application Development.
    ·        L3 (ISIL): Advanced Programming for the Web.
    ·        L3 (SI and ISIL): Cyber Security.
    ·        M1 1st Semester (RTIC): Web Technologies.
    ·        M1 2nd Semester (SIGL): Web Technologies.
    ·        M1 2nd Semester (RTIC): IHM of Web Applications.
     
    Content

    The content of this course is divided into six chapters as follows:
    ·        Chapter 1 - Web Fundamentals: In this chapter, the students will acquire enough background on the web, including how the web works, different web development technologies, the HTTP/S protocol, etc.
    ·        Chapter 2 - Web Vulnerability: In this chapter, the students will
    ·        Chapter 3 - Authentication: In this chapter, the students will
    ·        Chapter 4 - Session Management: In this chapter, the students will
    ·        Chapter 5 - Access Control: In this chapter, the students will


    ·        Chapter 6 - Common Web Vulnerabilities: In this chapter, the students will


    Assessment Method
    ·        Average Grade: Lab (50%), Final Exam (50%).
    ·        Lab Mark: 5 Points (Attendance) + 15 Points (Homework).


  • Chapter 1: Web Fundamentals

    To exploit a web application, you should first know how it is created. That is why we will start our journey in this Web Security course by understanding and mastering the web fundamentals.


  • Chapter 2: Web Vulnerability

    In this chapter, the students will get a background on cyber security. Then, they will understand why the web is vulnerable.

  • Chapter 3: Authentication

    In this chapter, the students will understand the technical concepts and mechanisms related to user authentication.

  • Chapter 4: Session Management

    In this chapter, the students will understand the technical concepts and mechanisms related to user session management.

  • Chapter 5: Authorization and Access Control

    In this chapter, the students will understand the technical concepts and mechanisms related to authorization and controlling the access to web applications.