{"id":51519985,"url":"https://github.com/tech-at-du/acs-3230-web-security","last_synced_at":"2026-07-08T15:01:12.534Z","repository":{"id":115269201,"uuid":"390577181","full_name":"Tech-at-DU/ACS-3230-Web-Security","owner":"Tech-at-DU","description":"🔐 This course covers key concepts in internet data security and best practices for keeping information safe. Students will examine historical hacks, learn how to analyze websites and web architectures for classical security vulnerabilities, and learn how to defend against security attacks.","archived":false,"fork":false,"pushed_at":"2024-11-19T20:59:04.000Z","size":16452,"stargazers_count":5,"open_issues_count":0,"forks_count":1,"subscribers_count":2,"default_branch":"master","last_synced_at":"2024-11-19T21:34:22.688Z","etag":null,"topics":["security"],"latest_commit_sha":null,"homepage":"https://bit.ly/acs3230web","language":"Rich Text Format","has_issues":false,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/Tech-at-DU.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2021-07-29T02:39:27.000Z","updated_at":"2024-11-19T20:59:08.000Z","dependencies_parsed_at":"2024-11-19T21:38:34.651Z","dependency_job_id":null,"html_url":"https://github.com/Tech-at-DU/ACS-3230-Web-Security","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"purl":"pkg:github/Tech-at-DU/ACS-3230-Web-Security","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Tech-at-DU%2FACS-3230-Web-Security","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Tech-at-DU%2FACS-3230-Web-Security/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Tech-at-DU%2FACS-3230-Web-Security/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Tech-at-DU%2FACS-3230-Web-Security/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/Tech-at-DU","download_url":"https://codeload.github.com/Tech-at-DU/ACS-3230-Web-Security/tar.gz/refs/heads/master","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Tech-at-DU%2FACS-3230-Web-Security/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":35268549,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-05-26T15:22:16.424Z","status":"online","status_checked_at":"2026-07-08T02:00:06.796Z","response_time":61,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["security"],"created_at":"2026-07-08T15:01:11.022Z","updated_at":"2026-07-08T15:01:12.516Z","avatar_url":"https://github.com/Tech-at-DU.png","language":"Rich Text Format","funding_links":[],"categories":[],"sub_categories":[],"readme":"\u003cp align=\"center\"\u003e\n   \u003cimg src=\"banner.png\" height=\"320\" alt=\"ACS 3230 @ Dominican University\"\u003e\n\u003c/p\u003e\n\n# ACS 3230: Intro to Web Security\n\n## Course Description\n\n_This course covers key concepts in internet data security and best practices for keeping information safe. Students will examine historical hacks, learn how to analyze websites and web architectures for classical security vulnerabilities, and learn how to defend against security attacks._\n\n## Prerequisites\n\n- [ACS 1120](https://bit.ly/acs1120)\n\n## Course Specifics\n\n**Course Delivery**: online | 7 weeks | 14 sessions\u003cbr\u003e\n**Course Credits**: 3 units | 37.5 Seat Hours | 75 Total Hours\n\n## Learning Outcomes\n\nBy the end of the course, you will be able to\u0026hellip;\n\n1. Confidently talk about different types of vulnerabilities within the security space.\n2. Defend against  vulnerabilities and attacks.\n3. Apply web security best practices to your projects.\n4. Understand and utilize adversarial security techniques.\n5. Use practical techniques for securing applications and web servers.\n\n## Schedule\n\n\u003c!-- **Course Dates:** Wednesday, October 19 through Wednesday, December 7, 2022\u003cbr\u003e\n**Class Times:** Monday \u0026amp; Wednesday at 4:00pm to 7:45pm --\u003e\n\n| Class |  Security Category   | Topic                                                    |\n| :---: | :------------------: | -------------------------------------------------------- |\n|   1   | _Social Engineering_ | **[Lesson 1]: How to Hack a Human**                      |\n|   2   |      _History_       | **[Lesson 2]: Historic Hacks**         |\n|   3   |        _Web_         | **[Lesson 3]: Server-Side Vulnerabilities**              |\n|   4   |        _Web_         | **[Lesson 4]: Securing Data: Sanitization \u0026 Validation** |\n|   5   |        _Web_         | **[Lesson 5]: Client-Side Vulnerabilities**              |  |\n|   6   |    _Operational_     | **[Lesson 6]: You've Been Hacked. What Do?**             |\n|   7   |        _Web_         | **[Lesson 7]: OWASP Top 10**                            |\n|   8   |        _Web_         | **[Lesson 8]: Cryptography**                               |\n|   9   |      _Network_       | **[Lesson 9]: Encryption**                             |\n|  10   |    _Operational_     | **[Lesson 10]: DDoS**                                    |\n|  11   |          -           | **Lab Day**: Prepare Study Guide / Mock Interviews           |\n|  12   |          -           | **TBD**                                                      |\n|  13   |    _1-1 w/ Dani_     | **Interview Day**                                        |\n\n## Class Assignments\n\nWe will be using [Gradescope] this term, which allows us to provide fast and accurate feedback on your work. All assigned work will be submitted through [Gradescope], and assignment and exam grades will be returned through [Gradescope]. As soon as grades are posted, you will be notified immediately so that you can log in and see your feedback. You may also submit regrade requests if you feel we have made a mistake.\n\nYour [Gradescope] login is your Dominican University email, and your password can be changed at [https://gradescope.com/reset_password](https://gradescope.com/reset_password). The same link can be used if you need to set your password for the first time.\n\n### Challenges\n\nLevel up your web security and hacking skills by participating in up to 100 [Capture the Flag Challenges](https://ctfd.droxey.com/challenges). To get started, read the [ACS 3230 CTF Setup Guide](Lessons/OWASP.md#Setup). Students must complete `AT LEAST 33` challenges to [pass the course](#Evaluation).\n\n### Assignments\n\nEvery assignment is introduced in class. The description of each assignment is below:\n\n| Name                          |\n| ----------------------------- |\n| [Social Engineering for Good] |\n| [Historic Hacks Presentation] |\n| [Jinja SSTI Exploits]         |\n| [Steganography]               |\n\n## Evaluation\n\nTo pass this course you must meet the following requirements:\n\n- Complete AT LEAST 21 [Juice Shop Challenges](https://ctfd.droxey.com/challenges).\n    - The challenges to complete are described [here](Lessons/OWASP.md#Rules-of-Engagement).\n    - Any participation outside the described [Rules of Engagement](Lessons/OWASP.md#Rules-of-Engagement) will result in a failing grade for the course.\n- Complete and pass all in class [assignments](#assignments) on [Gradescope].\n- Attend and pass a final Course Reflection interview with the instructor.\n- Actively participate in class and abide by the attendance policy.\n- Make up all classwork from all absences.\n\n[Gradescope]: https://gradescope.com\n[Lesson 1]: Lessons/SocialEngineering.md\n[Lesson 2]: Lessons/HistoricalHacks.md\n[Lesson 3]: Lessons/ServerSideExploits.md\n[Lesson 4]: Lessons/Sanitization.md\n[Lesson 5]: Lessons/ClientSideExploits.md\n[Lesson 6]: Lessons/IncidentResponse.md\n[Lesson 8]: Lessons/Cryptography.md\n[Lesson 9]: Lessons/Encryption.md\n[Lesson 7]: Lessons/OWASP.md\n[Lesson 10]: Lessons/DDoS.md\n[Lesson 11]: Lessons/Drills.md\n[NSE 1: The Threat Landscape]: https://training.fortinet.com/course/view.php?id=1406\n[NSE 2: The Evolution of Cybersecurity]: https://training.fortinet.com/course/view.php?id=2271\n[Historic Hacks Presentation]: Lessons/EthicalHacking.md#%f0%9f%92%bb-40m-activity-historical-hacks-research\n[Social Engineering for Good]: Lessons/SocialEngineering.md#activity-social-engineering-for-good\n[Jinja SSTI Exploits]: Lessons/ServerSideExploits.md#%f0%9f%92%bb-60m-in-class-activity-ssti\n[Steganography]: Lessons/Cryptography.md#35m-%f0%9f%92%bb-activity-decoding-a-secret-message\n[Juice Box]: Lessons/OWASP.md#60m-%f0%9f%92%bb-activity-juice-shop\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Ftech-at-du%2Facs-3230-web-security","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Ftech-at-du%2Facs-3230-web-security","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Ftech-at-du%2Facs-3230-web-security/lists"}