Download free course Web Application Security, pdf file on 331 pages by Andrew Hoffman.
While many resources for network and IT security are available, detailed knowledge regarding modern web application security has been lacking - until now. This practical guide provides both offensive and defensive security concepts that software engineers can easily learn and apply.
Andrew Hoffman, a senior security engineer at Salesforce, introduces three pillars of web application security: recon, offense, and defense. You'll learn methods for effectively researching and analyzing modern web applications - including those you don't have direct access to. You'll also learn how to break into web applications using the latest hacking techniques. Finally, you'll learn how to develop mitigations for use in your own web applications to protect against hackers.
- Explore common vulnerabilities plaguing today's web applications;
- Learn essential hacking techniques attackers use to exploit applications;
- Map and document web applications for which you don't have direct access;
- Develop and deploy customized exploits that can bypass common defenses;
- Develop and deploy mitigations to protect your applications against hackers;
- Integrate secure coding best practices into your development lifecycle;
- Get practical tips to help you improve the overall security of your web applications.
Table of contentsThe History of Software Security
Introduction to Web Application Reconnaissance
The Structure of a Modern Web Application
Finding Subdomains
API Analysis
Identifying Third-Party Dependencies
Identifying Weak Points in Application Architecture
Part I Summary
Introduction to Hacking Web Applications
Cross-Site Scripting (XSS)
Cross-Site Request Forgery (CSRF)
XML External Entity (XXE)
Injection
Denial of Service (DoS)
Exploiting Third-Party Dependencies
Part II Summary
Securing Modern Web Applications
Secure Application Architecture
Reviewing Code for Security
Vulnerability Discovery
Vulnerability Management
Defending Against XSS Attacks
Defending Against CSRF Attacks
Defending Against XXE
Defending Against Injection
Defending Against DoS
Securing Third-Party Dependencies
Part III Summary
Conclusion
Others related eBooks about Web Application Security
CSS tutorial for professionals
Download free CSS tutorial course in PDF, training file in 56 chapters and 244 pages. Free unaffiliated ebook created from Stack OverFlow contributor....
Magento tutorial
Download free Magento tutorial course in PDF, training file in 33 chapters and 94 pages. Free unaffiliated ebook created from Stack OverFlow contributor....
Learning jQuery PDF course
Download free Jquery tutorial course in PDF, training file in 18 chapters and 88 pages. Free unaffiliated ebook created from Stack OverFlow contributor....
Introduction to web development with Python and Django
Download introduction to web development with Python and Django, free training document in PDF under 28 pages....
HTML5 Shoot 'em Up in an Afternoon
Learn how to make a simple top-down shoot 'em up in a few hours using the Phaser HTML5 game framework....
How To Code in Node.js
Node.js is a popular open-source runtime environment that can execute JavaScript outside o..., download free Node.js tutorial in PDF (418 pages) created by David Landup ....
CSS Animation 101
Download free course CSS Animation 101, pdf file on 91 pages by Donovan Hutchinson....
The React Beginner's Handbook
The React Beginner's Handbook follows the 80/20 rule: learn in 20% of the time the 80% of ..., download free React tutorial in PDF (40 pages) created by ....
The HTML Handbook
Download free course The HTML Handbook, pdf file on 87 pages by Flavio Copes....
How To Build a Website With CSS and HTML
Download free course How To Build a Website With CSS and HTML, pdf file on 172 pages by Erin Glass....