Python is now one of the main programming languages used. Its great flexibility also makes it very suitable for the development of web applications, with the elegance of programming and pitfalls to avoid through a vulnerable application, we will see how to develop clean, secure and with the least effort possible thanks to the tools available in the language.
The training covers all the important points to develop under Py-tuna in a secure way, from the design to the deployment of your application.
In particular, the objectives of the training are:
• Mastering Linux Administration (shell)
• Knowledge of the Python language
• Knowledge of virtualization technologies (VirtualBox or Docker)
• Code : DSWPYT
• Duration : 3 Days
• schedule : 8h30 - 17h30
• place : training center, Center Urbain Nord
• Course materials
• 40% demonstration
• 40% of theory
• 20% practical exercises
• Need or need
• Risks incurred
• Impacts
• History of the language
• Its peculiarities
• Python for the Web
• Presentation of WSGI and first application
• Implementation and first good practices
• Information leak
• Injection of orders
• XSS
• SQL injection
• CSRF
• arbitrary redirection
• Deploying WSGI with Apache and Docker
• Review of different vulnerabilities on a test application
• Why a framework?
• Presentation of Flask
• Good development practices
• Deploy an application
• Secure development with Flask
• Protections built into Flask and SQLAlchemy
• Redesign of a vulnerable application in Flask
• Review of the structure and code of the secure application
• Vulnerability testing and verification of protection measures by Flask
Do not hesitate to contact our experts for any additional information, study and free calculation of an audit service.