AppSec related lessons from full lecture (on master) with reduced number of exercises which require lots of interaction. Aimed at participant groups >30 and assumes the use of a webinar system which offers Q&A/chat and voting capabilities.

1. • Motivation (Vulnerabilities, Exploits, Threat Actors, Case Studies)
   • Open Web Application Security Project (OWASP)
2. Cross-Site Scripting (XSS)
3. Injection
4. Authentication Flaws
5. Authorization Flaws
6. Sensitive Data
7. Insecure Dependencies & Configuration
8. XXE & Deserialization
9. Secure Development Lifecycle

This work is licensed under a Creative Commons Attribution-ShareAlike 4.0 International License.