Web Application Security
Andrew Hoffman, a senior security engineer at Salesforce, introduces three pillars of web application security: recon, offense, and defense. You'll learn methods for effectively researching and analyzing modern web applications - including those you don't have direct access to. You'll also learn how to break into web applications using the latest hacking techniques. Finally, you'll learn how to develop mitigations for use in your own web applications to protect against hackers.
- Explore common vulnerabilities plaguing today's web applications;
- Learn essential hacking techniques attackers use to exploit applications;
- Map and document web applications for which you don't have direct access;
- Develop and deploy customized exploits that can bypass common defenses;
- Develop and deploy mitigations to protect your applications against hackers;
- Integrate secure coding best practices into your development lifecycle;
- Get practical tips to help you improve the overall security of your web applications.
Table of contents
- The History of Software Security
- Introduction to Web Application Reconnaissance
- The Structure of a Modern Web Application
- Finding Subdomains
- API Analysis
- Identifying Third-Party Dependencies
- Identifying Weak Points in Application Architecture
- Part I Summary
- Introduction to Hacking Web Applications
- Cross-Site Scripting (XSS)
- Cross-Site Request Forgery (CSRF)
- XML External Entity (XXE)
- Injection
- Denial of Service (DoS)
- Exploiting Third-Party Dependencies
- Part II Summary
- Securing Modern Web Applications
- Secure Application Architecture
- Reviewing Code for Security
- Vulnerability Discovery
- Vulnerability Management
- Defending Against XSS Attacks
- Defending Against CSRF Attacks
- Defending Against XXE
- Defending Against Injection
- Defending Against DoS
- Securing Third-Party Dependencies
- Part III Summary
- Conclusion
| Pages : | 331 |
| Size : | 5.2 MB |
| File type : | |
| Downloads: | 246 |
| Created: | 2022-02-03 |
| License: | Open Publication License |
| Author(s): | Andrew Hoffman |
Warning: Trying to access array offset on false in /home/tutovnfz/public_html/article.php on line 233
Others web Tutorials
A Practical Guide to Designing for the Web
Others related eBooks about Web Application Security
The Vue.js HandbookVue.js is a very impressive project. It's a very popular JavaScript framework, one that's ..., download free Vue.js tutorial in PDF (122 pages) created by ....
JavaScript: A Crash Course in PDFFree PDF tutorial to download intituled JavaScript: A Crash Course intended to beginners, course in 28 pages created by well known author and developer....
React JS Notes for ProfessionalsDownload free course React JS Notes for Professionals, pdf file on 109 pages by Stack Overflow Community....
PHP Symfony framework courseDownload a complete guide in PDF about Symfony2 plateforme....
jQuery Notes for ProfessionalsDownload free course jQuery Notes for Professionals, pdf file on 66 pages by Stack Overflow Community....
Introduction to XHTMLXHTML is a stricter and cleaner version of HTML. In this tutorial you will learn the difference between HTML and XHTML. We will also show you how W3Schools.com was converted into XHTML....
Angular 2+ Notes for ProfessionalsDownload free course Angular 2+ Notes for Professionals, pdf file on 232 pages by by Stack Overflow Community....
Understanding the DOMJavaScript is the de facto programming language of the web, but the language itself does n..., download free DOM tutorial in PDF (126 pages) created by Tania Rascia ....
PHPUnit ManualDownload free course PHPUnit Manual, pdf file on 178 pages by Sebastian Bergmann....
Designing Scalable JavaScript ApplicationsIf you've ever written a non-trivial JavaScript application, you know that creating a code..., download free JavaScript tutorial in PDF (134 pages) created by Emmit Scott ....