Previous Lecture Complete and continue  

  Injection Fundamentals: What Is ReDoS?

Note: For the exercises, the course directory has changed! It's now https://github.com/SecuringTheStack/tutorials/tree...

Injection Fundamentals: What Is ReDoS

Table Of Contents toc

Intro

Injection Discovery

Injection Discovery (Linear Approach)

  1. List execution contexts for a given piece of code
  2. For each execution context in the list, find syntactic and semantic injection risks

Injection Discovery (Three Questions Approach)

ReDoS Ex. (Assignment Prep)

ReDoS Ex. (Assignment Prep CONT.)

ReDoS Ex. (Javascript Context Assignment)

ReDoS Ex. (Javascript Context Answers)

Course Takeaways

Next Steps

Error Log

Additional Resources

Referenced In Tutorial

General

Javascript

Java

Knowledge Dependency Tree