Andrew Hoffman, a senior security engineer at Salesforce, introduces three pillars of web application security: recon, offense, and defense. You'll learn methods for effectively researching and analyzing modern web applications - including those you don't have direct access to. You'll also learn how to break into web applications using the latest hacking techniques. Finally, you'll learn how to develop mitigations for use in your own web applications to protect against hackers.
- Explore common vulnerabilities plaguing today's web applications;
- Learn essential hacking techniques attackers use to exploit applications;
- Map and document web applications for which you don't have direct access;
- Develop and deploy customized exploits that can bypass common defenses;
- Develop and deploy mitigations to protect your applications against hackers;
- Integrate secure coding best practices into your development lifecycle;
- Get practical tips to help you improve the overall security of your web applications.
Table of contents
- The History of Software Security
- Introduction to Web Application Reconnaissance
- The Structure of a Modern Web Application
- Finding Subdomains
- API Analysis
- Identifying Third-Party Dependencies
- Identifying Weak Points in Application Architecture
- Part I Summary
- Introduction to Hacking Web Applications
- Cross-Site Scripting (XSS)
- Cross-Site Request Forgery (CSRF)
- XML External Entity (XXE)
- Injection
- Denial of Service (DoS)
- Exploiting Third-Party Dependencies
- Part II Summary
- Securing Modern Web Applications
- Secure Application Architecture
- Reviewing Code for Security
- Vulnerability Discovery
- Vulnerability Management
- Defending Against XSS Attacks
- Defending Against CSRF Attacks
- Defending Against XXE
- Defending Against Injection
- Defending Against DoS
- Securing Third-Party Dependencies
- Part III Summary
- Conclusion
| Pages : | 331 |
| Size : | 5.2 MB |
| Downloads: | 261 |
| Created: | 2022-02-03 |
| License: | Open Publication License |
| Author(s): | Andrew Hoffman |
Warning: Trying to access array offset on false in /home/tutovnfz/public_html/amp/article-amp.php on line 263
Others related eBooks about Web Application Security
Download free course Web Page Size, Speed, and Performance, pdf file on 39 pages by Terrence Dorsey.
Download free course intituled Web API Design . This course is intended to a beginners users, document on format pdf in 70 pages created by gidgreen.com .
The next major advance in the Web will be Web 3.0 which will be built on semantic Web technologies.
Looking for a comprehensive guide on web content filtering and access denied ? Check out the free course offered by MIT Press! This 467-page PDF file provides insights on Internet blocking and filtering practices across the globe.
Web application security may seem like a complex, daunting task. This book is a quick guide to understanding how to make your website secure. It surveys the best steps for establishing a regular program to quickly find vulnerabilities in your site with a web application scanner.