Section 1

Section 3

Duration - 4 hours 15 mins (255 mins)

Introduction - 10. Rem → 245 min
1. What is Ruby? What is Rails?
2. Why Ruby on Rails?
3. About this course
Injections in Rails - 70. Rem → 175 min.
1. SQL Injection - 17
2. Cross site Scripting - 19
3. Header Injection - 11
4. Command, CSS and AJAX Injection - 22
CSRF & Clickjacking in Rails - 60. Rem → 115 min.
1. What is CSRF - 8
2. CSRF in rails - 15
3. Countermeasures - 19
4. What is Clickjacking - 9
5. Clickjacking in rails & Countermeasures - 6
Default Headers + CSP - 15. Rem → 100
1. What are headers?
2. Default headers rails generates
3. CSPs
Rate limiting using rack attack - 60. Rem → 40.
1. What is rate limiting
2. Rate limiting tactics and strategies
3. Safelisting and blacklisting
4. Tracking and throttling
5. Advanced Concepts of Rate limiting using rack attack
6. Combining it all together
Filters & Testing applications using Brakeman - 40
1. File uploads - Basics
2. Scanning files for viruses using clamav
3. Image filter - blocking images
4. Image filter - blocking based on content type
5. Image filter - fixing metadata leak
6. Why and how to test using brakeman
7. Analyzing results of brakeman report
Wind up - 5
1. What's covered so far. What you should learn next.
2. Goodbye!