Menu

    Storyline Content

    Avatar
    Secure Code Warrior Elves
    • Updated
    Follow


    Storyline is a course that guides you through the basics of OWASP TOP 10 2021 with a narrative that covers the same codebase in all learning activities. Each module builds on the last with multiple learning activities - keeping the learning anchored to a “story” that is relevant and contextual.


    Starts with a gradual, slow pace and then eventually ramps up to greater interactivity to help developers learn in a safe environment.

     

     

    Storylines cover:

    • Deep dives on vulnerabilities from videos and guidelines.
    • Learning the impact of vulnerabilities with step-by-step walkthrough missions.
    • Doing code analysis, and pinpointing how to fix the vulnerabilities with challenges.
    • Doing the code fix, if available, with coding labs
    • Doing offensive testing with a mission at the end of the course



    Covered Vulnerabilities

    • Access Control: Missing Function Level Access Control
    • Authentication: Use of Single-factor Authentication
    • Authentication: Improper Authentication
    • Cross Site Scripting (XSS): Dom-Based Cross Site Scripting
    • File Upload Vulnerability: Unrestricted File Upload
    • Injection Flaws: SQL Injection
    • Injection Flaws: CSS Injection
    • Injection Flaws: Code Injection
    • Insufficient Logging and Monitoring: Insufficient Logging and Monitoring
    • Mass Assignment: Mass Assignment
    • Security Misconfiguration: Disabled Security Features
    • Security Misconfiguration: Clickjacking
    • Sensitive Data Storage: Plain text Storage of Passwords
    • Server-Side Request Forgery: Server Side Request Forgery (SSRF)
    • Unvalidated Redirects and Forwards: Unvalidated Redirects and Forwards
    • Vulnerable Components: Using Known Vulnerable Components
    • XML External Entities (XXE): XML External Entities (XXE)

    Covered Languages/Frameworks

    • C# (.NET) Core
    • Java Spring
    • JavaScript Node.js (Express)
    • JavaScript React
    • Python Django



    How to create a Storyline course

    Storyline is listed as one of the available course templates. Please read How to Create a Course for more details. 

    Storyline_Template.png

     

     

    Related Links:

    Related articles

    Comments

    0 comments

    Please sign in to leave a comment.