Storyline is a course that guides you through the basics of OWASP TOP 10 2021 with a narrative that covers the same codebase in all learning activities. Each module builds on the last with multiple learning activities - keeping the learning anchored to a “story” that is relevant and contextual.
Starts with a gradual, slow pace and then eventually ramps up to greater interactivity to help developers learn in a safe environment.
- What do Storylines cover?
- Covered vulnerabilities
- Covered Languages/framework
- How to create a storyline course
Storylines cover:
- Deep dives on vulnerabilities from videos and guidelines.
- Learning the impact of vulnerabilities with step-by-step walkthrough missions.
- Doing code analysis, and pinpointing how to fix the vulnerabilities with challenges.
- Doing the code fix, if available, with coding labs
- Doing offensive testing with a mission at the end of the course
Covered Vulnerabilities
- Access Control: Missing Function Level Access Control
- Authentication: Use of Single-factor Authentication
- Authentication: Improper Authentication
- Cross Site Scripting (XSS): Dom-Based Cross Site Scripting
- File Upload Vulnerability: Unrestricted File Upload
- Injection Flaws: SQL Injection
- Injection Flaws: CSS Injection
- Injection Flaws: Code Injection
- Insufficient Logging and Monitoring: Insufficient Logging and Monitoring
- Mass Assignment: Mass Assignment
- Security Misconfiguration: Disabled Security Features
- Security Misconfiguration: Clickjacking
- Sensitive Data Storage: Plain text Storage of Passwords
- Server-Side Request Forgery: Server Side Request Forgery (SSRF)
- Unvalidated Redirects and Forwards: Unvalidated Redirects and Forwards
- Vulnerable Components: Using Known Vulnerable Components
- XML External Entities (XXE): XML External Entities (XXE)
Covered Languages/Frameworks
- C# (.NET) Core
- Java Spring
- JavaScript Node.js (Express)
- JavaScript React
- Python Django
How to create a Storyline course
Storyline is listed as one of the available course templates. Please read How to Create a Course for more details.
Related Links:
Comments
0 comments
Please sign in to leave a comment.