Web Application Security
Andrew Hoffman, a senior security engineer at Salesforce, introduces three pillars of web application security: recon, offense, and defense. You'll learn methods for effectively researching and analyzing modern web applications - including those you don't have direct access to. You'll also learn how to break into web applications using the latest hacking techniques. Finally, you'll learn how to develop mitigations for use in your own web applications to protect against hackers.
- Explore common vulnerabilities plaguing today's web applications;
- Learn essential hacking techniques attackers use to exploit applications;
- Map and document web applications for which you don't have direct access;
- Develop and deploy customized exploits that can bypass common defenses;
- Develop and deploy mitigations to protect your applications against hackers;
- Integrate secure coding best practices into your development lifecycle;
- Get practical tips to help you improve the overall security of your web applications.
Table of contents
- The History of Software Security
- Introduction to Web Application Reconnaissance
- The Structure of a Modern Web Application
- Finding Subdomains
- API Analysis
- Identifying Third-Party Dependencies
- Identifying Weak Points in Application Architecture
- Part I Summary
- Introduction to Hacking Web Applications
- Cross-Site Scripting (XSS)
- Cross-Site Request Forgery (CSRF)
- XML External Entity (XXE)
- Injection
- Denial of Service (DoS)
- Exploiting Third-Party Dependencies
- Part II Summary
- Securing Modern Web Applications
- Secure Application Architecture
- Reviewing Code for Security
- Vulnerability Discovery
- Vulnerability Management
- Defending Against XSS Attacks
- Defending Against CSRF Attacks
- Defending Against XXE
- Defending Against Injection
- Defending Against DoS
- Securing Third-Party Dependencies
- Part III Summary
- Conclusion
| Pages : | 331 |
| Size : | 5.2 MB |
| File type : | |
| Downloads: | 228 |
| Created: | 2022-02-03 |
| License: | Open Publication License |
| Author(s): | Andrew Hoffman |
Others web Tutorials
Modern Web Development on the JAMstack
Web Application Security for Dummies - Qualys Limited Edition
Others related eBooks about Web Application Security
CSS in DepthThis book exposes you to a world of CSS techniques that range from clever to mind-blowing. This instantly useful book is packed with creative examples and powerful best practices that will sharpen your technical skills and inspire your sense of design....
Learn to build with PHPThis is a free PHP PDF tutorial in 9 chapters and 29 pages. This course aims to give students the basics of PHP concepts. This is a pretty short book, but we're going to cover a lot. In just a few pages, we're going to create a simple clone of Twitter....
Getting Started with Ruby programming languageA complet tutorial about Ruby programming language under 594 pages for advanced level students, free training document in PDF by David Flanagan and Yukihiro Matsumoto....
Deep Learning with JavaScript: Neural Networks in TensorFlow.jsDeep learning has transformed the fields of computer vision, image processing, and natural language applications. Thanks to TensorFlow.js, now JavaScript developers can build deep learning apps without relying on Python or R....
Angular Testing SuccinctlyThough sometimes perceived as a hurdle, testing can save developers from heartbreak in the..., download free Angular tutorial in PDF (94 pages) created by Joseph Booth ....
Advanced javascript...
The CSS HandbookDownload free course The CSS Handbook, pdf file on 173 pages by Flavio Copes....
PHP Notes for ProfessionalsPHP is a server-side scripting language that is widely used for web development. With this book, you will get a deep understanding of the advanced programming concepts in PHP and how to apply it practically....
The HTML HandbookDownload free course The HTML Handbook, pdf file on 87 pages by Flavio Copes....
Learning CSSDownload complet course on CSS style sheets, PDF document on 327 pages for beginners. Training document created by StackOverFlow to get started with CSS....