learning objectives:
* exploit SQL injection vulnerability
* explain how to mitigate SQL injection
* explain CSRF
* explain how to mitigate CSRF
* exploit XSS vulnerability
* explain types of XSS
* explain how to mitigate XSS

activities:
* Read 24DSSS:
  - Sin 1: SQL Injection
  - Sin 2: Web Server-Related Vulnerabilities (XSS, CSRF, Response Splitting)
  - Sin 3: Web Client-Related Vulnerabilities (XSS)
* SQL Injection Activity: https://www.hacksplaining.com/exercises/sql-injection
* CSRF Activity: https://www.hacksplaining.com/exercises/csrf
* CSRF Demo: https://superlogout.github.io/
* XSS Activity: https://xss-game.appspot.com/

extra:
* watch and review any web security video
  - post title, link, review on Piazza