Andrew Hoffman, a senior security engineer at Salesforce, introduces three pillars of web application security: recon, offense, and defense. You'll learn methods for effectively researching and analyzing modern web applications - including those you don't have direct access to. You'll also learn how to break into web applications using the latest hacking techniques. Finally, you'll learn how to develop mitigations for use in your own web applications to protect against hackers.
- Explore common vulnerabilities plaguing today's web applications;
- Learn essential hacking techniques attackers use to exploit applications;
- Map and document web applications for which you don't have direct access;
- Develop and deploy customized exploits that can bypass common defenses;
- Develop and deploy mitigations to protect your applications against hackers;
- Integrate secure coding best practices into your development lifecycle;
- Get practical tips to help you improve the overall security of your web applications.
Table of contents
- The History of Software Security
- Introduction to Web Application Reconnaissance
- The Structure of a Modern Web Application
- Finding Subdomains
- API Analysis
- Identifying Third-Party Dependencies
- Identifying Weak Points in Application Architecture
- Part I Summary
- Introduction to Hacking Web Applications
- Cross-Site Scripting (XSS)
- Cross-Site Request Forgery (CSRF)
- XML External Entity (XXE)
- Injection
- Denial of Service (DoS)
- Exploiting Third-Party Dependencies
- Part II Summary
- Securing Modern Web Applications
- Secure Application Architecture
- Reviewing Code for Security
- Vulnerability Discovery
- Vulnerability Management
- Defending Against XSS Attacks
- Defending Against CSRF Attacks
- Defending Against XXE
- Defending Against Injection
- Defending Against DoS
- Securing Third-Party Dependencies
- Part III Summary
- Conclusion
| Pages : | 331 |
| Size : | 5.2 MB |
| Downloads: | 256 |
| Created: | 2022-02-03 |
| License: | Open Publication License |
| Author(s): | Andrew Hoffman |
Warning: Trying to access array offset on false in /home/tutovnfz/public_html/amp/article-amp.php on line 263
Others related eBooks about Web Application Security
Over 75% of network attacks are targeted at the web application layer. This book provides explicit hacks, tutorials, penetration tests, and step-by-step demonstrations for security professionals and Web application developers to defend their most vulnerable applications.
Download free course The Web as History, pdf file on 298 pages by Niels Brügger, Ralph Schroeder.
You've built web sites that can be used by humans. But can you also build web sites that are usable by machines? That's where the future lies, and that's what RESTful Web Services shows you how to do. The World Wide Web is the most popular distributed application in history, and Web services and mas
Download free course RESTful Web Services, pdf file on 448 pages by Leonard Richardson, Sam Ru.
Download free course Go Web Development Succinctly, pdf file on 89 pages by Mark Lewin.