Web Application Programming & Hacking

General Information:

Class Days/Time: TR 3:35-4:50 PM

Classroom: JHH 180. Detailed class schedule here

Prerequisites: CPS 341 and CPS 350/CPS 501

Instructor:

Dr. Phu Phung
Office: Hathcock Hall 105
Email: Phu@udayton.edu

Course Webpage:

All course materials, such as the syllabus, major assignments, and handouts, can be found on the course page located on the Canvas server: Canvas Course Page.

Course Description: In this course, students will study basic web application development with front-end (HTML5, JavaScript, CSS) and back-end (PHP/MySQL). Web application vulnerabilities and attacks will be introduced and explored with hands-on exercises on the range. Secure programming principles and practices will be introduced to avoid potential web application vulnerabilities and attacks.

Topics (Tentative):

  • The Web and Web Applications
  • Client-side Web Development with HTML5, CSS, and JavaScript
  • Server-side Web Application Development with PHP and Database (MySQL)
  • Exercises
  • Version control (git) and DevOps
  • Web Application Security: Vulnerabilities and Attacks with Hands-on
  • Secure Web Programming Principles and Practices

Course Goals and Objectives:

  • Obtain the ability and skills to effectively use state-of-the-art techniques in web application development and security tools for the analysis, design, and implementation of secure web systems.
  • Enhance students' programming skills to develop secure, robust, sustainable software products.
  • Establish security analysis skills to identify and avoid potential web vulnerabilities.
  • Identify the types of security threats and attacks against web applications and adopt corresponding countermeasures to prevent such attacks.
  • Obtain the ability and skills to apply practical knowledge of security in designing and implementing web applications with contemporary programming technologies.

Course Outcomes:

  • Design, implement, and evaluate a web-based solution to meet a given set of computing requirements in the context of the program's discipline.
  • Understand the principal concepts of web application security.
  • Identify and discuss the types of security threats and attacks in web applications and gain practical experience through hands-on exercises.
  • Adopt corresponding countermeasures to identified threats in web applications and argue their effectiveness.
  • Apply practical knowledge of security in designing and implementing web applications with contemporary technologies.

Projects/Assignments

  • Lab 0 - Development Environment Setup
  • Lab 1 - Foundations of the Web
  • Lab 2 - Front-end Web Development
  • Lab 3 - Secure Web Application Development in PHP/MySQL
  • Hackathon 1 - Cross-site Scripting Attacks and Defenses
  • Hackathon 2 - SQL Injection Attacks
  • Individual Project 1 - Front-end Web Development with a Professional Profile Website on Bitbucket.io Cloud service