What you'll learn:
- The proven Hacking Exposed methodology to locate, exploit, and patch vulnerable platforms and applications
- How attackers identify potential weaknesses in Web application components
- What devastating vulnerabilities exist within Web server platforms such as Apache, Microsoft's Internet Information Server (IIS), Netscape Enterprise Server, J2EE, ASP.NET, and more
- How to survey Web applications for potential vulnerabilities, including checking directory structures, helper files, Java classes and applets, HTML comments, forms, and query strings
- Attack methods against authentication and session management features such as cookies, hidden tags, and session identifiers
- Most common input validation attacks: crafted input, command execution characters, and buffer overflows
- Countermeasures for SQL injection attacks such as robust error handling, custom stored procedures, and proper database configuration
- XML Web services vulnerabilities and best practices
- Tools and techniques used to hack Web clients, including cross-site scripting, active content attacks, and cookie manipulation
- Valuable checklists and tips on hardening Web applications and clients based on the authors' consulting experiences
Table of contents
- Reconnaissance
  - Introduction to Web Applications and Security
  - Profiling
  - Hacking Web Servers
  - Surveying the Application
- The Attack
  - Authentication
  - Authorization
  - Attacking Session State Management
  - Input Validation Attacks
  - Attacking Web Datastores
  - Attacking Web Services
  - Hacking Web Application Management
  - Web Client Hacking
  - Case Studies
- Appendixes
  - Web Site Security Checklist
  - Web Hacking Tools and Techniques Cribsheet
  - Using Libwhisker
  - UrlScan Installation and Configuration
Pages: 416
Size: 8.6 MB
Downloads: 206
Created: 2022-02-02
License: Open Publication License
Author(s): Joel Scambray, Mike Shema
Other related eBooks about Hacking Exposed Web Applications
Download free course The Web as History, pdf file on 298 pages by Niels Brügger, Ralph Schroeder.
Over 75% of network attacks are targeted at the web application layer. This book provides explicit hacks, tutorials, penetration tests, and step-by-step demonstrations for security professionals and Web application developers to defend their most vulnerable applications.
Download free course Modern Web Development on the JAMstack, pdf file on 127 pages by Mathias Biilmann, Phil Hawksworth.
Download free course Web Page Size, Speed, and Performance, pdf file on 39 pages by Terrence Dorsey.
Web application security may seem like a complex, daunting task. This book is a quick guide to understanding how to make your website secure. It surveys the best steps for establishing a regular program to quickly find vulnerabilities in your site with a web application scanner.