Secure Programming Exercises are available as part of the following subscription:

Each subscription provides 6 months of access to 68 Different Exercises. Each exercise contains a Scenario, Objectives, and individual step by step tasks to guide the user through all steps necessary to complete the exercise. The Secure Programming Exercises are designed to give the user the ultimate hands-on experience. Each exercise category above has its own Virtual Private Cloud that comes preconfigured with Vulnerable websites, Victim Machines, and the environment is LOADED with tools. Included in your network share are all the supporting tools required to practice in the Cyber Range / Lab environment.

Lab exercises are included for:

  • Input Validation and Output Encoding
  • .NET Authentication and Authorization
  • Secure Session and State Management
  • .NET Cryptography
  • .NET Error Handling, Auditing, and Logging
  • .NET Secure File Handling
  • .NET Configuration Management and Secure Code Review
Price: $199
Add to Cart
View Cart

Still looking for more information? No problem. Click any of the categories below to read a full description of the labs and exercises.

There are two approaches to perform input validation. Client-side Input Validation: The client-side script for input validation executes at the client side and validates the input data from the user and sends…..(Read More)
The form authentication ticket is used to tell the ASP.NET application who you are. Thus, ticket is building block of Forms Authentication’s security…..(Read More)
In this lab you will assign a shorter time period to session expiry in the roleManager and SessionState elements of Web.config to protect session values from being stolen by attackers…..(Read More)
Symmetric key algorithms are a class of algorithms for cryptography that use the same cryptographic keys for both encryption of plaintext and decryption of cipher-text…..(Read More)
Printing exception messages using StackTrace is not secure since it may give detailed information……(Read More)
The files that are stored in subdirectories are vulnerable to path traversal attacks. Extract the file name from the input. Use the Path class to limit files to a particular directory……(Read More)
When a runtime or design-time error occurs in an application, ASP.NET shows a default error page that gives a brief description of the error along with the line number on which the error occurred. A developer would want to view this default error page…..(Read More)

Fully patched Operating Systems/Virtual Machines used in this Set of Exercises