Topics [X] Introduction [] Injection vulnerabilities, buffer overflows, and memory safety [] Software security [] Access control, OS security [] Privilege separation, security principles [] Security principles [X] Web security: access control, same-origin policy [] Web security: injection vulnerabilities [X] Web security: XSS [X] Web security: session management and CSRF [] Authentication and impersonation [X] Web security: UI-based attacks [X] Tracking on the web [] Symmetric-key encryption