Web Security

Cryptographic Failures

Risk: Weak cryptography leads to data exposure. Covers weak hashing, poor encryption, hardcoded keys, and insecure key management.

WEB-CRYPTO-01Module ID
Hands-onLab Type
IntermediateLevel
Start Learning All Modules

Overview

Replace weak algorithms, secure keys, and configure TLS. Understand common pitfalls like ECB mode and predictable IVs.

Learning Outcomes

  • Distinguish hashing, encryption, and encoding
  • Apply salting, key stretching, and password hashing
  • Avoid ECB and insecure randoms; manage IVs/nonces
  • Secure key storage, rotation, and secrets handling
  • Configure modern TLS and cipher suites

Hands-on Labs

Migrate weak crypto, break poor implementations, and harden configurations with tests.

Hardening

Use vetted libraries, centralize key management, and automate TLS hygiene checks.

Launch OS3 Locally View on GitHub