Web Application Security
Andrew Hoffman, a senior security engineer at Salesforce, introduces three pillars of web application security: recon, offense, and defense. You'll learn methods for effectively researching and analyzing modern web applications - including those you don't have direct access to. You'll also learn how to break into web applications using the latest hacking techniques. Finally, you'll learn how to develop mitigations for use in your own web applications to protect against hackers.
- Explore common vulnerabilities plaguing today's web applications;
- Learn essential hacking techniques attackers use to exploit applications;
- Map and document web applications for which you don't have direct access;
- Develop and deploy customized exploits that can bypass common defenses;
- Develop and deploy mitigations to protect your applications against hackers;
- Integrate secure coding best practices into your development lifecycle;
- Get practical tips to help you improve the overall security of your web applications.
Table of contents
- The History of Software Security
- Introduction to Web Application Reconnaissance
- The Structure of a Modern Web Application
- Finding Subdomains
- API Analysis
- Identifying Third-Party Dependencies
- Identifying Weak Points in Application Architecture
- Part I Summary
- Introduction to Hacking Web Applications
- Cross-Site Scripting (XSS)
- Cross-Site Request Forgery (CSRF)
- XML External Entity (XXE)
- Injection
- Denial of Service (DoS)
- Exploiting Third-Party Dependencies
- Part II Summary
- Securing Modern Web Applications
- Secure Application Architecture
- Reviewing Code for Security
- Vulnerability Discovery
- Vulnerability Management
- Defending Against XSS Attacks
- Defending Against CSRF Attacks
- Defending Against XXE
- Defending Against Injection
- Defending Against DoS
- Securing Third-Party Dependencies
- Part III Summary
- Conclusion
| Pages : | 331 |
| Size : | 5.2 MB |
| File type : | |
| Downloads: | 249 |
| Created: | 2022-02-03 |
| License: | Open Publication License |
| Author(s): | Andrew Hoffman |
Warning: Trying to access array offset on false in /home/tutovnfz/public_html/article.php on line 233
Others related eBooks about Web Application Security
Eloquent JavaScript: A Modern Introduction to ProgrammingJavaScript lies at the heart of almost every modern web application, from social apps to the newest browser-based games. Though simple for beginners to pick up and play with, JavaScript is a flexible, complex language that you can use to build full-scale applications. ...
The HTML HandbookDownload free course The HTML Handbook, pdf file on 87 pages by Flavio Copes....
Learning Website Development with DjangoA beginner's PDF tutorial to building web applications,quickly and cleanly, with the Django application framework by Ayman Hourieh....
Getting Started with Ruby programming languageA complet tutorial about Ruby programming language under 594 pages for advanced level students, free training document in PDF by David Flanagan and Yukihiro Matsumoto....
HTML5 and CSS3This tutorial contain a brief overview about HTML5 and CSS3 , a free training document in PDF under 45 pages by Jason Clark....
HTML5 Notes for ProfessionalsDownload free course HTML5 Notes for Professionals, pdf file on 124 pages by Stack Overflow Community....
XHTML tutorial in PDFDownload pdf training tutorial about XHTML language, free document on 6 pages by Shirley et E.Kaiser....
Essential HTMLThis book written to provide clear and concise explanation of topics for programmers both starting to learn the HTML markup language as well as those diving in more complex topics. Most examples are linked to online playground that allows you to change the code and re-run it....
Magento tutorialDownload free Magento tutorial course in PDF, training file in 33 chapters and 94 pages. Free unaffiliated ebook created from Stack OverFlow contributor....
PHP5 web programmingThis PDF tutorial shows how to program a dynamic web site using PHP5 ,free training lesson under 24 pages designated to the beginners....