LAB 326 – Defending TypeScript Applications Against Path Traversal

Course Overview

When applications rely on untrusted input data to make security decisions without canonicalizing it, attackers could exploit these weaknesses to perform malicious actions. For instance, they could bypass checks for restricted resources, traverse file system directories, and redirect file system operations to unintended resources, which could cause significant damage to your organization.

This Defending TypeScript Skill Lab provides a virtual environment that contains a vulnerable application and its complete source code. It trains developers to identify and mitigate canonicalization vulnerabilities before negatively impacting your organization.

In this lab, learners will gain practical experience testing for a Path Traversal vulnerability and implementing appropriate mitigations such as:

• Resolving path traversal characters.
• Removing extraneous duplicate characters.
• Resolving embedded environment variables.
• Anchoring to a fixed location