Web Application Security: Exploitation and Countermeasures for Modern Web Applications [Paperback]

  • Format: Paperback / softback, 450 pages, height x width: 232x178 mm
  • Publication date: 31-Mar-2020
  • Publisher: O'Reilly Media
  • ISBN-10: 1492053112
  • ISBN-13: 9781492053118

While many resources for network and IT security are available, detailed knowledge regarding modern web application security has been lacking, until now. This practical guide provides both offensive and defensive security concepts that software engineers can easily learn and apply.

Andrew Hoffman, a senior security engineer at Salesforce, introduces three pillars of web application security: recon, offense, and defense. You'll learn methods for effectively researching and analyzing modern web applications, including those you don't have direct access to. You'll also learn how to break into web applications using the latest hacking techniques. Finally, you'll learn how to develop mitigations for use in your own web applications to protect against hackers.

  • Explore common vulnerabilities plaguing today's web applications
  • Learn essential hacking techniques attackers use to exploit applications
  • Map and document web applications for which you don't have direct access
  • Develop and deploy customized exploits that can bypass common defenses
  • Develop and deploy mitigations to protect your applications against hackers
  • Integrate secure coding best practices into your development lifecycle
  • Get practical tips to help you improve the overall security of your web applications
Table of Contents (page numbers in the form start(page count))

Preface xiii
1 The History of Software Security 1(20)
The Origins of Hacking 1(1)
The Enigma Machine, Circa 1930 2(3)
Automated Enigma Code Cracking, Circa 1940 5(3)
Introducing the "Bombe" 7(1)
Telephone "Phreaking," Circa 1950 8(2)
Anti-Phreaking Technology, Circa 1960 10(1)
The Origins of Computer Hacking, Circa 1980 11(1)
The Rise of the World Wide Web, Circa 2000 12(3)
Hackers in the Modern Era, Circa 2015+ 15(3)
Summary 18(3)
Part I. Recon
2 Introduction to Web Application Reconnaissance 21(6)
Information Gathering 21(2)
Web Application Mapping 23(2)
Summary 25(2)
3 The Structure of a Modern Web Application 27(26)
Modern Versus Legacy Web Applications 27(2)
REST APIs 29(3)
JavaScript Object Notation 32(1)
JavaScript 33(12)
Variables and Scope 34(2)
Functions 36(1)
Context 37(1)
Prototypal Inheritance 38(3)
Asynchrony 41(3)
Browser DOM 44(1)
SPA Frameworks 45(1)
Authentication and Authorization Systems 46(2)
Authentication 47(1)
Authorization 47(1)
Web Servers 48(1)
Server-Side Databases 49(1)
Client-Side Data Stores 50(1)
Summary 51(2)
4 Finding Subdomains 53(24)
Multiple Applications per Domain 53(1)
The Browser's Built-In Network Analysis Tools 54(3)
Taking Advantage of Public Records 57(8)
Search Engine Caches 58(2)
Accidental Archives 60(2)
Social Snapshots 62(3)
Zone Transfer Attacks 65(2)
Brute Forcing Subdomains 67(5)
Dictionary Attacks 72(3)
Summary 75(2)
5 API Analysis 77(10)
Endpoint Discovery 77(4)
Authentication Mechanisms 81(1)
Endpoint Shapes 82(2)
Common Shapes 82(1)
Application-Specific Shapes 83(1)
Summary 84(3)
6 Identifying Third-Party Dependencies 87(12)
Detecting Client-Side Frameworks 87(5)
Detecting SPA Frameworks 88(2)
Detecting JavaScript Libraries 90(1)
Detecting CSS Libraries 91(1)
Detecting Server-Side Frameworks 92(4)
Header Detection 92(1)
Default Error Messages and 404 Pages 92(3)
Database Detection 95(1)
Summary 96(3)
7 Identifying Weak Points in Application Architecture 99(10)
Secure Versus Insecure Architecture Signals 100(4)
Multiple Layers of Security 104(1)
Adoption and Reinvention 105(2)
Summary 107(2)
8 Part I Summary 109(4)
Part II. Offense
9 Introduction to Hacking Web Applications 113(4)
The Hacker's Mindset 113(1)
Applied Recon 114(3)
10 Cross-Site Scripting (XSS) 117(14)
XSS Discovery and Exploitation 118(3)
Stored XSS 121(2)
Reflected XSS 123(3)
DOM-Based XSS 126(2)
Mutation-Based XSS 128(2)
Summary 130(1)
11 Cross-Site Request Forgery (CSRF) 131(10)
Query Parameter Tampering 131(5)
Alternate GET Payloads 136(1)
CSRF Against POST Endpoints 137(2)
Summary 139(2)
12 XML External Entity (XXE) 141(6)
Direct XXE 141(4)
Indirect XXE 145(1)
Summary 146(1)
13 Injection 147(14)
SQL Injection 147(4)
Code Injection 151(4)
Command Injection 155(3)
Summary 158(3)
14 Denial of Service (DoS) 161(10)
Regex DoS (ReDoS) 162(2)
Logical DoS Vulnerabilities 164(3)
Distributed DoS 167(2)
Summary 169(2)
15 Exploiting Third-Party Dependencies 171(12)
Methods of Integration 173(3)
Branches and Forks 174(1)
Self-Hosted Application Integrations 174(1)
Source Code Integration 175(1)
Package Managers 176(4)
JavaScript 176(2)
Java 178(1)
Other Languages 179(1)
Common Vulnerabilities and Exposures Database 180(1)
Summary 181(2)
16 Part II Summary 183(4)
Part III. Defense
17 Securing Modern Web Applications 187(6)
Defensive Software Architecture 188(1)
Comprehensive Code Reviews 188(1)
Vulnerability Discovery 189(1)
Vulnerability Analysis 190(1)
Vulnerability Management 190(1)
Regression Testing 191(1)
Mitigation Strategies 191(1)
Applied Recon and Offense Techniques 192(1)
18 Secure Application Architecture 193(12)
Analyzing Feature Requirements 193(2)
Authentication and Authorization 195(6)
Secure Sockets Layer and Transport Layer Security 195(2)
Secure Credentials 197(1)
Hashing Credentials 197(3)
2FA 200(1)
PII and Financial Data 201(1)
Searching 201(2)
Summary 203(2)
19 Reviewing Code for Security 205(10)
How to Start a Code Review 206(1)
Archetypical Vulnerabilities Versus Custom Logic Bugs 207(2)
Where to Start a Security Review 209(2)
Secure-Coding Anti-Patterns 211(3)
Blacklists 211(1)
Boilerplate Code 212(1)
Trust-By-Default Anti-Pattern 213(1)
Client/Server Separation 213(1)
Summary 214(1)
20 Vulnerability Discovery 215(10)
Security Automation 215(6)
Static Analysis 216(1)
Dynamic Analysis 217(1)
Vulnerability Regression Testing 218(3)
Responsible Disclosure Programs 221(1)
Bug Bounty Programs 222(1)
Third-Party Penetration Testing 223(1)
Summary 224(1)
21 Vulnerability Management 225(10)
Reproducing Vulnerabilities 225(1)
Ranking Vulnerability Severity 226(1)
Common Vulnerability Scoring System 226(6)
CVSS: Base Scoring 228(2)
CVSS: Temporal Scoring 230(1)
CVSS: Environmental Scoring 231(1)
Advanced Vulnerability Scoring 232(1)
Beyond Triage and Scoring 232(1)
Summary 233(2)
22 Defending Against XSS Attacks 235(12)
Anti-XSS Coding Best Practices 235(2)
Sanitizing User Input 237(4)
DOMParser Sink 238(1)
SVG Sink 238(1)
Blob Sink 239(1)
Sanitizing Hyperlinks 239(1)
HTML Entity Encoding 240(1)
CSS 241(1)
Content Security Policy for XSS Prevention 242(3)
Script Source 242(1)
Unsafe Eval and Unsafe Inline 243(1)
Implementing a CSP 244(1)
Summary 245(2)
23 Defending Against CSRF Attacks 247(8)
Header Verification 247(2)
CSRF Tokens 249(1)
Stateless CSRF Tokens 250(1)
Anti-CSRF Coding Best Practices 250(3)
Stateless GET Requests 251(1)
Application-Wide CSRF Mitigation 252(1)
Summary 253(2)
24 Defending Against XXE 255(4)
Evaluating Other Data Formats 256(1)
Advanced XXE Risks 257(1)
Summary 257(2)
25 Defending Against Injection 259(10)
Mitigating SQL Injection 259(4)
Detecting SQL Injection 260(1)
Prepared Statements 261(2)
Database-Specific Defenses 263(1)
Generic Injection Defenses 263(3)
Potential Injection Targets 263(1)
Principle of Least Authority 264(1)
Whitelisting Commands 265(1)
Summary 266(3)
26 Defending Against DoS 269(6)
Protecting Against Regex DoS 270(1)
Protecting Against Logical DoS 270(1)
Protecting Against DDoS 271(2)
DDoS Mitigation 272(1)
Summary 273(2)
27 Securing Third-Party Dependencies 275(6)
Evaluating Dependency Trees 275(2)
Modeling a Dependency Tree 276(1)
Dependency Trees in the Real World 277(1)
Automated Evaluation 277(1)
Secure Integration Techniques 277(2)
Separation of Concerns 278(1)
Secure Package Management 278(1)
Summary 279(2)
28 Part III Summary 281(8)
The History of Software Security 281(2)
Web Application Reconnaissance 283(1)
Offense 284(1)
Defense 285(4)
29 Conclusion 289(2)
Index 291
Andrew Hoffman is a product security lead at Salesforce.com, where he is responsible for the security of multiple JavaScript, NodeJS, and OSS teams. His expertise is in deep DOM and JavaScript security vulnerabilities. He has worked with every major browser vendor, as well as with TC39 and WHATWG, the organizations responsible for the upcoming version of JavaScript and the browser DOM spec.

Prior to this role, Andrew was a software security engineer working on Locker Service, the world's first JavaScript namespace isolation library that operates from the interpreter level up. In parallel, Andrew also contributed to the upcoming JavaScript language security feature "Realms," which provides language level namespace isolation to JavaScript.