Web Application Security
Andrew Hoffman, a senior security engineer at Salesforce, introduces three pillars of web application security: recon, offense, and defense. You'll learn methods for effectively researching and analyzing modern web applications - including those you don't have direct access to. You'll also learn how to break into web applications using the latest hacking techniques. Finally, you'll learn how to develop mitigations for use in your own web applications to protect against hackers.
- Explore common vulnerabilities plaguing today's web applications;
- Learn essential hacking techniques attackers use to exploit applications;
- Map and document web applications for which you don't have direct access;
- Develop and deploy customized exploits that can bypass common defenses;
- Develop and deploy mitigations to protect your applications against hackers;
- Integrate secure coding best practices into your development lifecycle;
- Get practical tips to help you improve the overall security of your web applications.
Table of contents
- The History of Software Security
- Introduction to Web Application Reconnaissance
- The Structure of a Modern Web Application
- Finding Subdomains
- API Analysis
- Identifying Third-Party Dependencies
- Identifying Weak Points in Application Architecture
- Part I Summary
- Introduction to Hacking Web Applications
- Cross-Site Scripting (XSS)
- Cross-Site Request Forgery (CSRF)
- XML External Entity (XXE)
- Injection
- Denial of Service (DoS)
- Exploiting Third-Party Dependencies
- Part II Summary
- Securing Modern Web Applications
- Secure Application Architecture
- Reviewing Code for Security
- Vulnerability Discovery
- Vulnerability Management
- Defending Against XSS Attacks
- Defending Against CSRF Attacks
- Defending Against XXE
- Defending Against Injection
- Defending Against DoS
- Securing Third-Party Dependencies
- Part III Summary
- Conclusion
| Pages : | 331 |
| Size : | 5.2 MB |
| File type : | |
| Downloads: | 236 |
| Created: | 2022-02-03 |
| License: | Open Publication License |
| Author(s): | Andrew Hoffman |
Warning: Trying to access array offset on false in /home/tutovnfz/public_html/article.php on line 233
Others web Tutorials
How To Build a Website With CSS and HTML
Web Application Security for Dummies - Qualys Limited Edition
Others related eBooks about Web Application Security
Building Front-End Web Apps with Plain JavaScriptThis book shows how to build front-end web applications with plain JavaScript, not using any (third-party) framework or library. A front-end web application can be provided by any web server, but it is executed on the user's computer device (smartphone, tablet or notebook), and not on the remote w...
MySQL tutorial for professionalsDownload free MySQL tutorial course in PDF, training file in 70 chapters and 199 pages. Free unaffiliated ebook created from Stack OverFlow contributor....
Learning advanced-custom-fields PDF courseDownload free Advanced custom fields tutorial course in PDF, training file in 5 chapters and 14 pages. Free unaffiliated ebook created from Stack OverFlow contributor....
Getting started with WordPressDownload free WordPress tutorial course in PDF, training file in 72 chapters and 208 pages. Free unaffiliated ebook created from Stack OverFlow contributor....
Drupal 7 Views CookbookFully revised and updated for 2016, Drupal 7 Views Cookbook allows you to bypass most of t..., download free Drupal 7 tutorial in PDF (218 pages) created by Ayen Green ....
Download free PHP courseWith this PDF tutorial you will learn the basics of PHP ,understand the working model of PHP to begin coding your own projects and scripts.Free courses under 95 pages designated to beginners....
Deep Learning with JavaScript: Neural Networks in TensorFlow.jsDeep learning has transformed the fields of computer vision, image processing, and natural language applications. Thanks to TensorFlow.js, now JavaScript developers can build deep learning apps without relying on Python or R....
You Don't Know JS Yet: ES.Next & Beyond - 2nd EditionNo matter how much experience you have with JavaScript, odds are you don't fully understand the language. As part of the "You Don't Know JS" series, this compact guide focuses on new features available in ECMAScript 6 (ES6), the latest version of the standard upon which JavaScript is built. ...
Laravel Tutorial pdfThe purpose of this tutorial is to learn a new PHP framework and use it efficiently to build an eCommerce web application for a small project,this new framework allows users to check products by category and pass orders securely....
CSS Notes for ProfessionalsDownload free course CSS Notes for Professionals, pdf file on 244 pages by Stack Overflow Community....