Vladimir de Turckheim

This learning path will help you understand the diverse threats and protections of the JavaScript world. We will start by covering the basics, as misunderstanding them often leads developers to write less safe code. Then, we will discuss authentication, XSS and CSRF. We will also spend a bit of time understanding regular expressions through the prism of security. We will also cover serverless security and what a JavaScript developer should do to keep their own desktop machine safe while using development tools.

Node.js is the most popular server-side asynchronous runtime. Applications built with this technology heavily depend on the NPM ecosystem. Through this learning path, you will learn to attack and protect Node.js applications, covering many different attack types from the perspective of the Node.js side. You will also learn about Node.js-specific attacks such as prototype pollution and their real impact on your applications.