Input Validation and Output Encoding
There are two approaches to perform input validation; Client-side Input Validation and Server-side Input Validation. Client-side Input Validation: The client-side script for input validation executes at the client side and validates the input data from the user and sends the validated data to the server for further processing. Server-side Input Validation: The server-side script for input validation executes on the server and validates the input coming from the client.
The objective of this lab is to provide students guidance on how to choose and implement proper approaches and secure ways for input validation in their coding practices.
As a .NET programmer, you should know reliable techniques for writing secure code in order to protect your application from various types of input validation attacks. Your code should be able to withstand various types of input validation attacks.
Secure Programming Exercises are available as part of the following subscription:
Each subscription provides 6 months access to 68 Different Exercises.
Each exercise contains a Scenario, Objectives, and individual step by step tasks to guide the user through all steps necessary to complete the exercise. The Secure Programming Exercises are designed to give the user an ultimate hands-on experience. Each exercise category above has it’s own Virtual Private Cloud that comes preconfigured with Vulnerable websites, Victim Machines, and the environment is LOADED with tools. Included in your network share are all the supporting tools required to practice in the Cyber Range / Lab environment.
Lab exercises are included for:
- Input Validation and Output Encoding
- .NET Authentication and Authorization
- Secure Session and State Management
- .NET Cryptography
- .NET Error Handling, Auditing, and Logging
- .NET Secure File Handling
- .NET Configuration Management and Secure Code Review