How to attack and defend your website

This is a concise introduction to web security that includes hands-on web hacking tutorials. The book has three primary objectives: to help readers develop a deep understanding of what is happening behind the scenes in a web application, with a focus on the HTTP protocol and other underlying web tec...

Bibliographic Details
Main Author: Dalziel, Henry
Format: eBook
Language: English
Published: Waltham, MA Syngress 2015
Collection: O'Reilly - Collection details see MPG.ReNa
Table of Contents:
  • Cover
  • Title Page
  • Copyright Page
  • Table of contents
  • Author Biography
  • Contributing Editor Biography
  • Introduction
  • Chapter 1: Web Technologies
  • 1.1 Web servers
  • 1.2 Client-side versus server-side programming languages
  • 1.3 JavaScript: what is it?
  • 1.4 What can JavaScript do?
  • 1.5 What can JavaScript not do?
  • 1.6 Databases
  • 1.7 What about HTML?
  • 1.8 Web technologies: putting it together
  • 1.9 Digging deeper
  • 1.10 Hypertext Transfer Protocol (HTTP)
  • 1.11 Verbs
  • 1.12 Special characters and encodings
  • 1.13 Cookies, sessions, and authentication
  • 1.14 Short exercise: Linux machine setup
  • 1.15 Using the Burp Suite intercepting proxy
  • 1.16 Why is the intercepting proxy important?
  • 1.17 Short exercise: using the Burp Suite decoder
  • 1.18 Short exercise: getting comfortable with HTTP and Burp Suite
  • 1.18.1 Solution
  • 1.19 Understanding the application
  • 1.20 The Burp Suite site map
  • 1.21 Discovering content and structures
  • 1.22 Understanding an application
  • Chapter 2: Exploitation
  • 2.1 Bypassing client side controls
  • 2.1.1 Steps for Bypassing Controls
  • 2.2 Bypassing client-side controls: example
  • 2.2.1 Short Exercise: Bypassing Client-Side Control
  • 2.3 Bypassing client-side controls: exercise solution
  • 2.4 SQL injection
  • 2.5 SQL injection
  • 2.6 Short Exercise: Pwning with SQLMap
  • 2.6.1 Hack Steps
  • 2.6.2 Solution: Pwning with SQLMap
  • 2.7 Cross-site scripting (XSS)
  • 2.8 Stored cross-site scripting XSS
  • 2.9 Short exercise: using stored XSS to deface a website
  • 2.9.1 Solution: Using Stored XSS
  • Chapter 3: Finding Vulnerabilities
  • 3.1 The basic process: steps
  • 3.2 Exercise: finding vulnerabilities