Web Applications 101; 02. Threat Models for Web Security; 03. Cross-Site Request Forgery (XSRF); SQL Injection; Cross-Site Scripting (XSS);