1.1 Common Weakness Enumeration (CWE) - official website.html
1. OWASP Top 10 Overview
2.1 Source code examples from the lesson.html
2. Broken Access Control
3. Cryptography Failures (Theory, Sensitive Data, Data Breach, Types of Failures)
4.1 Source code examples from the lesson.html
4. Cryptography Failures (Practical Examples, SQL Injections, TLS/SSL, HTTPS)
5.1 Source code examples from the lesson.html
5. Cryptography Failures (Examples, Password Encryption, Hashing, Salting)
6.1 Source code examples from the lesson.html
6. Injection (Overview, Fuzzing, CWEs, Impact, Injection Types, Command Injection)
7.1 Source code examples from the lesson.html
7. Injection (Cross Site Scripting, Types of XSS, SQL, JPA, NoSQL Injections)
8.1 Source code examples from the lesson.html
8. Injection (XPath Injection, Log Injection, Input Validation)
9. Insecure Design (Overview, CWEs, Shift Left Security, Threat Modeling Manifesto)
10. Insecure Design (Secure Design Process, Security Controls, Metrics, Examples)
11.1 NIST 800-123 - Guide to General Server Security.html
11.2 NIST 800-207 - Zero Trust Architecture.html
11. Security Misconfiguration (Overview, CWEs, Types, Real-life attacks)
12.1 NIST 800-123 - Guide to General Server Security.html
12.2 NIST 800-207 - Zero Trust Architecture.html
12. Security Misconfiguration (Hardening, Zero Trust, Defense in Depth, Practice)
13.1 Dependency check plugin.html
13.2 pom.xml from the lesson with OWASP plugin.html
13. Vulnerable & Outdated Components
14. Identification & Authentication Failures
15. Software & Data Integrity Failures
16.1 Computer Security Incident Handling Guide.html
16. Security Logging & Monitoring Failures
17. Server-Side Request Forgery (SSRF)