Web Application Security

Download free course Web Application Security, pdf file on 331 pages by Andrew Hoffman.

While many resources for network and IT security are available, detailed knowledge regarding modern web application security has been lacking - until now. This practical guide provides both offensive and defensive security concepts that software engineers can easily learn and apply.

Andrew Hoffman, a senior security engineer at Salesforce, introduces three pillars of web application security: recon, offense, and defense. You'll learn methods for effectively researching and analyzing modern web applications - including those you don't have direct access to. You'll also learn how to break into web applications using the latest hacking techniques. Finally, you'll learn how to develop mitigations for use in your own web applications to protect against hackers.

- Explore common vulnerabilities plaguing today's web applications;
- Learn essential hacking techniques attackers use to exploit applications;
- Map and document web applications for which you don't have direct access;
- Develop and deploy customized exploits that can bypass common defenses;
- Develop and deploy mitigations to protect your applications against hackers;
- Integrate secure coding best practices into your development lifecycle;
- Get practical tips to help you improve the overall security of your web applications.

Table of contents

The History of Software Security
Introduction to Web Application Reconnaissance
The Structure of a Modern Web Application
Finding Subdomains
API Analysis
Identifying Third-Party Dependencies
Identifying Weak Points in Application Architecture
Part I Summary
Introduction to Hacking Web Applications
Cross-Site Scripting (XSS)
Cross-Site Request Forgery (CSRF)
XML External Entity (XXE)
Injection
Denial of Service (DoS)
Exploiting Third-Party Dependencies
Part II Summary
Securing Modern Web Applications
Secure Application Architecture
Reviewing Code for Security
Vulnerability Discovery
Vulnerability Management
Defending Against XSS Attacks
Defending Against CSRF Attacks
Defending Against XXE
Defending Against Injection
Defending Against DoS
Securing Third-Party Dependencies
Part III Summary
Conclusion

Pages :	331
Size :	5.2 MB
Downloads:	246
Created:	2022-02-03
License:	Open Publication License
Author(s):	Andrew Hoffman

Warning: Trying to access array offset on false in /home/tutovnfz/public_html/amp/article-amp.php on line 263

Download file

Others related eBooks about Web Application Security

Restful Web Services

You've built web sites that can be used by humans. But can you also build web sites that are usable by machines? That's where the future lies, and that's what RESTful Web Services shows you how to do. The World Wide Web is the most popular distributed application in history, and Web services and mas

RESTful Web Services

"Every developer working with the Web needs to read this book." - David Heinemei..., download free Web Services tutorial in PDF (448 pages).

RESTful Web Services

With this tutorial you will learn how to build a Web Services with REST protocol ,a free training document material under 148 pages by John Cowan.

RESTfull Web Services Tutorial

Download a complet eBook about RESTfull Web Services, it's a free training document course in 448 pages by O'Reilly licensed under a Creative Commons.

Webapps in Go

Download free course Webapps in Go, pdf file on 185 pages by Suraj Patil.