JavaScript Lessons

Learn about memory leaks, and how to mitigate and remediate the vulnerability with real-world examples from security experts.

Learn about mass assignment and the risks of user-provided data. Learn to mitigate and remediate the vulnerability with real-world examples from security experts.

Learn about the issues that emerge when creating an insecure temporary file as well as how to mitigate this vulnerability.

Learn about the issues that arise when storing cleartext or plaintext sensitive information in a cookie as well as solutions to this vulnerability.

Learn about XPath injections, and how to mitigate and remediate the vulnerability with real-world examples from security experts.

A user forgot their password! How can you create a secure password recovery? Learn about weak password recoveries, see it in action, and learn the mitigation techniques.

Learn all about randomness and the importance of having truly random numbers. We'll also look at why insecure randomness is a security concern and how to avoid it.

Learn how NoSQL Injection attacks work, and compare them to the similar SQL injection attacks with examples and remediation information

Learn about the issues that arise in an application that employs no rate limiting techniques, as well as how you can go about implementing those protections.

A vulnerable and outdated component is a software component that is no longer supported by the developer, making it susceptible to security vulnerabilities.

Learn what a logging vulnerability is, including logging too much or logging too little, and how to protect your organization.

Learn about insecure design, and how to mitigate and remediate the vulnerability with real-world examples from security experts.

Learn what an insecure hash is, why you should be aware of it, and how you can implement strong hashes to remediate the vulnerability in your organization

Learn what ReDos is, why you should be aware of it, and how you can prevent and remediate the vulnerability in your organization

Learn how broken access control exploits work with a step-by-step tutorial, as well as how to mitigate and defend against them with access control settings.

Learn how an XXE attack works, and how to mitigate and fix the XXE vulnerability with real-world examples from security experts.

Learn how a cross site request forgery (CSRF) attack works, and how to detect and fix it with real-world examples from security experts.

Learn how DOM based XSS exploits work, and how to mitigate and remediate the vulnerability with step-by-step interactive tutorials from security experts.

Learn about the risks of exposing open redirects, how to exploit them and how to mitigate them.

Learn how to protect your code from server-side request forgery attacks in JavaScript by exploiting a vulnerable web app as part of this Snyk Learn tutorial.

Learn how to protect your applications against malicious code injection in JavaScript by exploiting a vulnerable web app as part of this Snyk Learn lesson.

Learn how to protect your code from directory traversal in JavaScript by exploiting a vulnerable web server.

Learn how to protect your JavaScript code from various forms of cross-site scripting (XSS) attacks.

Learn what JavaScript prototype pollution is and how to prevent it.

Learn how to create SQL queries securely and avoid SQL injection attempts by malicious third parties.