Web application security: exploitation and countermeasures for modern web applications
While many resources for network and IT security are available, detailed knowledge regarding modern web application security has been lacking, until now. This practical guide provides both offensive and defensive security concepts that software engineers can easily learn and apply. Andrew Hoffman, a...
Main Author: | |
---|---|
Format: | eBook |
Language: | English |
Published: | [Place of publication not identified] O'Reilly Media, Inc 2020 |
Subjects: | |
Online Access: | |
Collection: | O'Reilly - Collection details see MPG.ReNa |
Table of Contents:
- The history of software security
- Part I. Recon. Introduction to web application reconnaissance
- The structure of a modern web application
- Finding subdomains
- API analysis
- Identifying third-party dependencies
- Identifying weak points in application architecture
- Part II. Offense. Introduction to hacking web applications
- Cross-site scripting (XSS)
- Cross-site request forgery (CSRF)
- XML external entity (XXE)
- Injection
- Denial of service (DoS)
- Exploiting third-party dependencies
- Part III. Defense. Securing modern web applications
- Secure application architecture
- Reviewing code for security
- Vulnerability discovery
- Vulnerability management
- Defending against XSS attacks
- Defending against CSRF attacks
- Defending against XXE
- Defending against injection
- Defending against DoS
- Securing third-party dependencies