Following up from the release of last week's Cross-Site Request Forgery (CSRF) Attack module, I'm excited to let you know the latest Defend module for my Practical Laravel Security course is now live! The module is called CSRF Tokens, and it covers everything you need to know about how CSRF tokens work in Laravel.
This module is the first of three companions to last week's CSRF Attack module, and explains how CSRF tokens work within Laravel. (Spoiler: it's fairly simple!) It covers both sides of Laravel's protections, the middleware and the token itself, plus explains how they are implemented in Laravel and why it's something you should actually care about.
I'll be finishing up the other two companions to the CSRF attack module:
Cross-Origin Resource Sharing (CORS)
And following on from that will most likely be SQL Injection (SQLi), with some fun new challenges.
The CSRF Attack module includes 6 interactive challenges that teach you various CSRF Attacks. These challenges are:
Basic CSRF Attack
CSRF through a hidden form
CSRF in the background of a page
Bypassing SameSite protections
Abusing Subdomains to satisfy SameSite protections
Stealing CSRF tokens
The course includes a dedicated Discord server, where you can ask me any questions about the course, or security in general, and join in on some great discussions. There is a channel for the challenges, so you can get help if you need it - or brag about your successes! Definitely check it out if you've bought the course.
Haven't bought the course yet?
So, if you haven't already bought the Practical Laravel Security course, now's the perfect time to do it. By investing in your knowledge and skills, you'll be better equipped to secure your applications and take your coding game to the next level!
The course is still in early access, so signing up now will get you the heavily discounted price, and you'll have immediate access to the modules that have been released and the Discord server.