Web Application Security



Download free course Web Application Security, pdf file on 331 pages by Andrew Hoffman.
While many resources for network and IT security are available, detailed knowledge regarding modern web application security has been lacking - until now. This practical guide provides both offensive and defensive security concepts that software engineers can easily learn and apply.

Andrew Hoffman, a senior security engineer at Salesforce, introduces three pillars of web application security: recon, offense, and defense. You'll learn methods for effectively researching and analyzing modern web applications - including those you don't have direct access to. You'll also learn how to break into web applications using the latest hacking techniques. Finally, you'll learn how to develop mitigations for use in your own web applications to protect against hackers.

- Explore common vulnerabilities plaguing today's web applications;
- Learn essential hacking techniques attackers use to exploit applications;
- Map and document web applications for which you don't have direct access;
- Develop and deploy customized exploits that can bypass common defenses;
- Develop and deploy mitigations to protect your applications against hackers;
- Integrate secure coding best practices into your development lifecycle;
- Get practical tips to help you improve the overall security of your web applications.

Table of contents

  • The History of Software Security
  • Introduction to Web Application Reconnaissance
  • The Structure of a Modern Web Application
  • Finding Subdomains
  • API Analysis
  • Identifying Third-Party Dependencies
  • Identifying Weak Points in Application Architecture
  • Part I Summary
  • Introduction to Hacking Web Applications
  • Cross-Site Scripting (XSS)
  • Cross-Site Request Forgery (CSRF)
  • XML External Entity (XXE)
  • Injection
  • Denial of Service (DoS)
  • Exploiting Third-Party Dependencies
  • Part II Summary
  • Securing Modern Web Applications
  • Secure Application Architecture
  • Reviewing Code for Security
  • Vulnerability Discovery
  • Vulnerability Management
  • Defending Against XSS Attacks
  • Defending Against CSRF Attacks
  • Defending Against XXE
  • Defending Against Injection
  • Defending Against DoS
  • Securing Third-Party Dependencies
  • Part III Summary
  • Conclusion
Pages : 331
Size : 5.2 MB
File type : PDF
Downloads: 192
Created: 2022-02-03
License: Open Publication License
Author(s): Andrew Hoffman
Web Application Security

Others web Tutorials

Go Web Development Succinctly

Web Application Security Guide

Web Page Size, Speed, and Performance

Restful Web Services

How To Build a Website With CSS and HTML

Others related eBooks about Web Application Security

Acceptance Test Driven Development with React

This book describes how to apply the Acceptance Test Driven Development when developing a ..., download free React tutorial in PDF (182 pages) created by Juntao Qiu ....

Web Page Size, Speed, and Performance

Download free course Web Page Size, Speed, and Performance, pdf file on 39 pages by Terrence Dorsey....

PHP Notes for Professionals

Download free course PHP Notes for Professionals, pdf file on 480 pages by Stack Overflow Community....

The Complete Beginner’s Guide to React

This tutorial assumes that you have at least a beginner’s grasp of HTML and JavaScript. React.js is a JavaScript library that was created by Facebook. If you are keen to learn React from the ground-up feel free to check Learn and Understand React JS on Zenva Academy which covers all the basi...

Eloquent JavaScript, 3rd Edition

JavaScript lies at the heart of almost every modern web application, from social apps like..., download free JavaScript tutorial in PDF (472 pages) created by ....

Vue.js tutorial in PDF

Download free Vue.js tutorial course in PDF, training file in 26 chapters and 93 pages. Free unaffiliated ebook created from Stack OverFlow contributor....

Understanding the DOM

JavaScript is the de facto programming language of the web, but the language itself does n..., download free DOM tutorial in PDF (126 pages) created by Tania Rascia ....

Learning React Native

Download free course Learning React Native, pdf file on 101 pages by Stack Overflow Community....

A Practical Guide to Designing for the Web

A Practical Guide to Designing for the Web aims to teach you techniques for designing your website using the principles of graphic design. Featuring five sections, each covering a core aspect of graphic design: Getting Started, Research, Typography, Colour, and Layout. Learn solid graphic design...

Go for Javascript Developers

This book compares between two programming languages, Golang (or Go) and ECMAScript (or Javascript / JS). The merits of this pairing is the popularity of these languages. That's it. They are not similar, in fact, they are quite different. Javascript is an event driven, dynamically typed and interpre...