Secure Coding 101: JavaScript

Secure Coding 101: JavaScript  Hard

Learn how to improve your JavaScript code's security through Code Review, Static/Dynamic Analysis, Vulnerability Identification, and Patching.

Created by Zeyad AlMadani

Back to Catalogue Preview
To start this course Sign Up!

Summary

In the Secure Coding 101: JavaScript Module, you will learn how to improve the security of your JavaScript code through reverse engineering advanced JavaScript obfuscation functions and identifying hard to find vulnerabilities, and learning how to patch them properly.

This module is ideal for JavaScript developers looking for ways to improve their codes' security and improve their overall secure coding abilities.

This module also introduces you to the basics of JavaScript malware deobfuscation and reversing so that you can statically analyze malware written in JavaScript.

Secure Coding 101: JavaScript

In these modules, you will learn the basics of secure coding, starting with how to review a JavaScript code, analyze it, and reverse its functions. Once you have reviewed the JavaScript code, you will begin to identify potential vulnerabilities and eventually patch the code to ensure it is well secured.

You will be learning skills in Code Review and Secure Coding, as follows:
Code Review:

  • JavaScript code analysis
  • Unpack multiple layers of packed JavaScript code
  • Detect and remove injected dead code
  • Reverse engineering advanced JavaScript obfuscation methods
  • JavaScript Static and Dynamic Analysis, using VSCode and browser Developer Tools

Secure Coding:

  • Identifying common security issues made in JavaScript code
  • Identifying a command injection vulnerability in JavaScript codes
  • Verifying the existence of the vulnerability
  • Patching the identified errors and vulnerabilities

Requirements

We recommend taking the JavaScript Deobfuscation module before starting this one. It will cover the basics of Code Obfuscation and Deobfuscation and will give solid grounds to build upon in this module.

Finally, as you will be reviewing JavaScript codes, you are expected to have a basic ability to read and understand code written in JavaScript. Having said that, as this is the first module in the Secure Coding path, the scripts you will be securing will not be overly complicated and will only require basic JavaScript code reading skills.

Sections

  • Intro
  • Code Review
  • Unpacking
  • Dead Code
  • Reverse Engineering
  • Encrypted Array
  • otherFunction
  • Custom Decoder
  • Decoding
  • sendCode
  • Vulnerability Identification
  • Proof of Concept
  • Code Evaluation
  • Patching Authentication
  • Patching Command Injection
  • Skills Assessment
  • Summary
Back to Catalogue
To start this course Sign Up!