{"id":3996,"date":"2021-08-31T15:46:46","date_gmt":"2021-08-31T14:46:46","guid":{"rendered":"https:\/\/cyberschool.univ-rennes.fr\/?page_id=3996"},"modified":"2026-03-12T14:28:20","modified_gmt":"2026-03-12T13:28:20","slug":"web-application-security","status":"publish","type":"page","link":"https:\/\/cyberschool.univ-rennes.fr\/en\/education\/masters-and-postgraduate-programmes\/masters-cybersecurity-science-of-software-and-hardware-security\/study-programme-of-the-masters-cybersecurity-science-of-software-and-hardware-security\/web-application-security\/","title":{"rendered":"G\u00e9nie Logiciel Appliqu\u00e9"},"content":{"rendered":"\n
\n
\n
\n

<\/span><\/span>Teaching goals<\/h2>\n

Le but de ce cours est de comprendre les bases de la s\u00e9curit\u00e9 des applications web en PHP. Nous verrons comment r\u00e9aliser un audit de s\u00e9curit\u00e9 et comment programmer ces applications de fa\u00e7on s\u00e9curis\u00e9e.<\/p>\n\n <\/div>\n <\/div>\n<\/section>\n\n\n\n

\n
\n
\n

<\/span><\/span>Course description<\/h2>\n
\n
    \n
  • Introduction \u00e0 la s\u00e9curit\u00e9 applicative<\/li>\n
  • Les principaux projets & acteurs autour de la s\u00e9curit\u00e9 applicative<\/li>\n
  • D\u00e9finition d’une vuln\u00e9rabilit\u00e9<\/li>\n
  • Comment prioriser les corrections de vuln\u00e9rabilit\u00e9 dans une entreprise ?<\/li>\n
  • Fondamentaux de la s\u00e9curit\u00e9 applicative<\/li>\n
  • D\u00e9veloppement s\u00e9curis\u00e9<\/li>\n
  • Mise en place des ent\u00eates HTTP de s\u00e9curit\u00e9<\/li>\n
  • Etude de la protection des APIs<\/li>\n
  • Etude des protocoles d’autorisation et d’authentification du Web<\/li>\n
  • Les outils de s\u00e9curit\u00e9 dans l’entreprise<\/li>\n
  • Introduction au DevSecOps<\/li>\n<\/ul>\n<\/div>\n\n <\/div>\n <\/div>\n<\/section>\n\n\n
    \n
    \n
    \n

    <\/span><\/span>Keywords<\/h2>\n

    Webapps, OWASP, vulnerabilites, XSS, CSRF, SQL injection, File Upload, File Inclusion, PHP.<\/p>\n\n <\/div>\n <\/div>\n<\/section>\n\n\n\n

    \n
    \n
    \n

    <\/span><\/span>Bibliography<\/h2>\n
    \n
      \n
    • A Survey on Cross-Site Scripting Attacks, by Joaquin Garcia-Alfaro and Guillermo Navarro-Arribas, 2009<\/li>\n
    • Survey on Cross Site Request Forgery (An Overview of CSRF), by Sentamilselvan K, 2013<\/li>\n
    • Review of SQL Injection : Problems and Prevention, by Mohd Amin Bin Mohd Yunus, Muhammad Zainulariff Brohan, Nazri Mohd Nawi, Ely Salwana Mat Surin, Nurhakimah Azwani Md Najib and Chan Wei Liang,<\/i> 2018<\/li>\n
    • Enterprise Java Security: Building Secure J2EE Applications, by Marco Pistoia, Nataraj Nagaratnam, Larry Koved, Anthony Nadalin, 2004<\/li>\n<\/ul>\n<\/div>\n\n <\/div>\n <\/div>\n<\/section>\n","protected":false},"excerpt":{"rendered":"","protected":false},"author":8,"featured_media":0,"parent":11707,"menu_order":0,"comment_status":"closed","ping_status":"closed","template":"","meta":[],"acf":[],"yoast_head":"\nG\u00e9nie Logiciel Appliqu\u00e9 - CyberSchool<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/cyberschool.univ-rennes.fr\/en\/education\/masters-and-postgraduate-programmes\/masters-cybersecurity-science-of-software-and-hardware-security\/study-programme-of-the-masters-cybersecurity-science-of-software-and-hardware-security\/web-application-security\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"G\u00e9nie Logiciel Appliqu\u00e9 - CyberSchool\" \/>\n<meta property=\"og:url\" content=\"https:\/\/cyberschool.univ-rennes.fr\/en\/education\/masters-and-postgraduate-programmes\/masters-cybersecurity-science-of-software-and-hardware-security\/study-programme-of-the-masters-cybersecurity-science-of-software-and-hardware-security\/web-application-security\/\" \/>\n<meta property=\"og:site_name\" content=\"CyberSchool\" \/>\n<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/CSchoolRennes\/\" \/>\n<meta property=\"article:modified_time\" content=\"2026-03-12T13:28:20+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/cyberschool.univ-rennes.fr\/app\/uploads\/2021\/02\/cover-social-network.jpeg\" \/>\n\t<meta property=\"og:image:width\" content=\"1500\" \/>\n\t<meta property=\"og:image:height\" content=\"500\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:site\" content=\"@CSchoolRennes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"WebPage\",\"@id\":\"https:\/\/cyberschool.univ-rennes.fr\/en\/education\/masters-and-postgraduate-programmes\/masters-cybersecurity-science-of-software-and-hardware-security\/study-programme-of-the-masters-cybersecurity-science-of-software-and-hardware-security\/web-application-security\/\",\"url\":\"https:\/\/cyberschool.univ-rennes.fr\/en\/education\/masters-and-postgraduate-programmes\/masters-cybersecurity-science-of-software-and-hardware-security\/study-programme-of-the-masters-cybersecurity-science-of-software-and-hardware-security\/web-application-security\/\",\"name\":\"G\u00e9nie Logiciel Appliqu\u00e9 - CyberSchool\",\"isPartOf\":{\"@id\":\"https:\/\/cyberschool.univ-rennes.fr\/en\/#website\"},\"datePublished\":\"2021-08-31T14:46:46+00:00\",\"dateModified\":\"2026-03-12T13:28:20+00:00\",\"breadcrumb\":{\"@id\":\"https:\/\/cyberschool.univ-rennes.fr\/en\/education\/masters-and-postgraduate-programmes\/masters-cybersecurity-science-of-software-and-hardware-security\/study-programme-of-the-masters-cybersecurity-science-of-software-and-hardware-security\/web-application-security\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/cyberschool.univ-rennes.fr\/en\/education\/masters-and-postgraduate-programmes\/masters-cybersecurity-science-of-software-and-hardware-security\/study-programme-of-the-masters-cybersecurity-science-of-software-and-hardware-security\/web-application-security\/\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/cyberschool.univ-rennes.fr\/en\/education\/masters-and-postgraduate-programmes\/masters-cybersecurity-science-of-software-and-hardware-security\/study-programme-of-the-masters-cybersecurity-science-of-software-and-hardware-security\/web-application-security\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/cyberschool.univ-rennes.fr\/en\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Education\",\"item\":\"https:\/\/cyberschool.univ-rennes.fr\/en\/education\/\"},{\"@type\":\"ListItem\",\"position\":3,\"name\":\"Master\u2019s and postgraduate programmes\",\"item\":\"https:\/\/cyberschool.univ-rennes.fr\/en\/education\/masters-and-postgraduate-programmes\/\"},{\"@type\":\"ListItem\",\"position\":4,\"name\":\"Master\u2019s Cybersecurity, Science of Software and Hardware Security\",\"item\":\"https:\/\/cyberschool.univ-rennes.fr\/en\/education\/masters-and-postgraduate-programmes\/masters-cybersecurity-science-of-software-and-hardware-security\/\"},{\"@type\":\"ListItem\",\"position\":5,\"name\":\"Study programme of the Master\u2019s Cybersecurity, Science of Software and Hardware Security\",\"item\":\"https:\/\/cyberschool.univ-rennes.fr\/en\/education\/masters-and-postgraduate-programmes\/masters-cybersecurity-science-of-software-and-hardware-security\/study-programme-of-the-masters-cybersecurity-science-of-software-and-hardware-security\/\"},{\"@type\":\"ListItem\",\"position\":6,\"name\":\"G\u00e9nie Logiciel Appliqu\u00e9\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/cyberschool.univ-rennes.fr\/en\/#website\",\"url\":\"https:\/\/cyberschool.univ-rennes.fr\/en\/\",\"name\":\"CyberSchool\",\"description\":\"Just another WordPress site\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/cyberschool.univ-rennes.fr\/en\/?s={search_term_string}\"},\"query-input\":\"required name=search_term_string\"}],\"inLanguage\":\"en-US\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"G\u00e9nie Logiciel Appliqu\u00e9 - CyberSchool","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/cyberschool.univ-rennes.fr\/en\/education\/masters-and-postgraduate-programmes\/masters-cybersecurity-science-of-software-and-hardware-security\/study-programme-of-the-masters-cybersecurity-science-of-software-and-hardware-security\/web-application-security\/","og_locale":"en_US","og_type":"article","og_title":"G\u00e9nie Logiciel Appliqu\u00e9 - CyberSchool","og_url":"https:\/\/cyberschool.univ-rennes.fr\/en\/education\/masters-and-postgraduate-programmes\/masters-cybersecurity-science-of-software-and-hardware-security\/study-programme-of-the-masters-cybersecurity-science-of-software-and-hardware-security\/web-application-security\/","og_site_name":"CyberSchool","article_publisher":"https:\/\/www.facebook.com\/CSchoolRennes\/","article_modified_time":"2026-03-12T13:28:20+00:00","og_image":[{"width":1500,"height":500,"url":"https:\/\/cyberschool.univ-rennes.fr\/app\/uploads\/2021\/02\/cover-social-network.jpeg","type":"image\/jpeg"}],"twitter_card":"summary_large_image","twitter_site":"@CSchoolRennes","schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebPage","@id":"https:\/\/cyberschool.univ-rennes.fr\/en\/education\/masters-and-postgraduate-programmes\/masters-cybersecurity-science-of-software-and-hardware-security\/study-programme-of-the-masters-cybersecurity-science-of-software-and-hardware-security\/web-application-security\/","url":"https:\/\/cyberschool.univ-rennes.fr\/en\/education\/masters-and-postgraduate-programmes\/masters-cybersecurity-science-of-software-and-hardware-security\/study-programme-of-the-masters-cybersecurity-science-of-software-and-hardware-security\/web-application-security\/","name":"G\u00e9nie Logiciel Appliqu\u00e9 - CyberSchool","isPartOf":{"@id":"https:\/\/cyberschool.univ-rennes.fr\/en\/#website"},"datePublished":"2021-08-31T14:46:46+00:00","dateModified":"2026-03-12T13:28:20+00:00","breadcrumb":{"@id":"https:\/\/cyberschool.univ-rennes.fr\/en\/education\/masters-and-postgraduate-programmes\/masters-cybersecurity-science-of-software-and-hardware-security\/study-programme-of-the-masters-cybersecurity-science-of-software-and-hardware-security\/web-application-security\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/cyberschool.univ-rennes.fr\/en\/education\/masters-and-postgraduate-programmes\/masters-cybersecurity-science-of-software-and-hardware-security\/study-programme-of-the-masters-cybersecurity-science-of-software-and-hardware-security\/web-application-security\/"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/cyberschool.univ-rennes.fr\/en\/education\/masters-and-postgraduate-programmes\/masters-cybersecurity-science-of-software-and-hardware-security\/study-programme-of-the-masters-cybersecurity-science-of-software-and-hardware-security\/web-application-security\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/cyberschool.univ-rennes.fr\/en\/"},{"@type":"ListItem","position":2,"name":"Education","item":"https:\/\/cyberschool.univ-rennes.fr\/en\/education\/"},{"@type":"ListItem","position":3,"name":"Master\u2019s and postgraduate programmes","item":"https:\/\/cyberschool.univ-rennes.fr\/en\/education\/masters-and-postgraduate-programmes\/"},{"@type":"ListItem","position":4,"name":"Master\u2019s Cybersecurity, Science of Software and Hardware Security","item":"https:\/\/cyberschool.univ-rennes.fr\/en\/education\/masters-and-postgraduate-programmes\/masters-cybersecurity-science-of-software-and-hardware-security\/"},{"@type":"ListItem","position":5,"name":"Study programme of the Master\u2019s Cybersecurity, Science of Software and Hardware Security","item":"https:\/\/cyberschool.univ-rennes.fr\/en\/education\/masters-and-postgraduate-programmes\/masters-cybersecurity-science-of-software-and-hardware-security\/study-programme-of-the-masters-cybersecurity-science-of-software-and-hardware-security\/"},{"@type":"ListItem","position":6,"name":"G\u00e9nie Logiciel Appliqu\u00e9"}]},{"@type":"WebSite","@id":"https:\/\/cyberschool.univ-rennes.fr\/en\/#website","url":"https:\/\/cyberschool.univ-rennes.fr\/en\/","name":"CyberSchool","description":"Just another WordPress site","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/cyberschool.univ-rennes.fr\/en\/?s={search_term_string}"},"query-input":"required name=search_term_string"}],"inLanguage":"en-US"}]}},"_links":{"self":[{"href":"https:\/\/cyberschool.univ-rennes.fr\/en\/wp-json\/wp\/v2\/pages\/3996"}],"collection":[{"href":"https:\/\/cyberschool.univ-rennes.fr\/en\/wp-json\/wp\/v2\/pages"}],"about":[{"href":"https:\/\/cyberschool.univ-rennes.fr\/en\/wp-json\/wp\/v2\/types\/page"}],"author":[{"embeddable":true,"href":"https:\/\/cyberschool.univ-rennes.fr\/en\/wp-json\/wp\/v2\/users\/8"}],"replies":[{"embeddable":true,"href":"https:\/\/cyberschool.univ-rennes.fr\/en\/wp-json\/wp\/v2\/comments?post=3996"}],"version-history":[{"count":22,"href":"https:\/\/cyberschool.univ-rennes.fr\/en\/wp-json\/wp\/v2\/pages\/3996\/revisions"}],"predecessor-version":[{"id":18439,"href":"https:\/\/cyberschool.univ-rennes.fr\/en\/wp-json\/wp\/v2\/pages\/3996\/revisions\/18439"}],"up":[{"embeddable":true,"href":"https:\/\/cyberschool.univ-rennes.fr\/en\/wp-json\/wp\/v2\/pages\/11707"}],"wp:attachment":[{"href":"https:\/\/cyberschool.univ-rennes.fr\/en\/wp-json\/wp\/v2\/media?parent=3996"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}