[MUSIC] Hey there, welcome to your first module. In this module, we'll discuss how to
protect against many kinds of flaws and attacks that leave
applications vulnerable. First, we'll get you up and
running with some tools, and set you up with what you
need throughout this course. Next, we'll introduce cross-site
scripting attacks, also known as XSS. We will define what XSS attacks are,
work on exploiting them, and finally, get around to patching them. By the end of this module,
you will be able to describe and distinguish a couple different types
of cross-site scripting attacks. We'll be focusing on two of them,
Reflected and Stored. Throughout the course,
we'll follow the same pattern. Demo of an attack,
try the attack yourself, demo of a patch, try the patch yourself. And, finally, re-attempt the attack and see if you can validate that
you've got the patch working. I won't demo everything though, there may
be instances of code patching that you have to infer from the first demo. You'll be able to recall where
you can go on WebGoat, or the Open Web Application Security Project, commonly referred to as OWASP, to learn
more about these kinds of attacks. You'll also learn some tips and
tricks for using GitHub, Git, Docker, CyberChef, Burp, and some other tools
that might help you along the way. Hopefully, you'll gain the confidence
by learning, practicing, and seeing me present a solution, and
then maybe giving it a try yourself. At the end of the module,
you'll complete a quiz and a lab to demonstrate what you've
learned during the course. If you follow the course in
the order it's presented, and complete each activity, you'll be
building towards your final project. We have a lot to cover,
so let's get started.