October 10, 2019
Webinar title: Node.js security
Presentor: Liran Tal
One of my favourite ways of learning is by actually practicing and building things. What’s a better way of learning about Node.js security pitfalls than by hacking an app and then securing it?
In this session we’ll use OWASP NodeGoat as an educational platform to learn about luring security vulnerabilities in your Node.js applications and how to fix them.
NodeGoat project on GitHub: https://github.com/OWASP/NodeGoat
NodeGoat project - Liran Tal’s fork: https://github.com/lirantal/NodeGoat
ReDoS in Node.js’s core path module (https://nodejs.org/ru/blog/vulnerability/march-2018-security-releases/)
Free copy of the Essential Node.js Security book on LeanPub for WOSEC: https://leanpub.com/nodejssecurity/c/wosecindia
Youtube recording of the session