[null,null,[],[[["This blog post introduces a codelab, \"Web Application Exploits and Defenses,\" designed to teach developers about common web application vulnerabilities."],["The codelab utilizes Gruyere, a microblogging application intentionally built with security flaws, to demonstrate real-world vulnerabilities."],["Gruyere's source code is publicly available under a Creative Commons license for use in security training and educational settings."],["The codelab covers a range of vulnerabilities including XSS, XSRF, XSSI, client-state manipulation, and more, showcasing their potential impact."],["Developers can access the codelab and its instructor's guide through the provided links to enhance their understanding of web application security."]]],["A codelab, now named Gruyere, was released to teach developers about web application vulnerabilities. It demonstrates how attackers exploit flaws like cross-site scripting (XSS), request forgery (XSRF), and script inclusion (XSSI), alongside others. The codelab uses a microblogging application filled with security bugs. Gruyere's source code is openly available for security exercises. Developers can access it at the provided link, and an instructor's guide is also provided on the Google Code University website.\n"]]