Web attacks and exploits pose an ongoing threat to the interconnected world. This comprehensive book explores the latest challenges in web application security, providing you with an in-depth understanding of hackers' methods and the practical knowledge and skills needed to effectively understand web attacks.
The book starts by emphasizing the importance of mindsets and toolsets in conducting successful web attacks. You’ll then explore the methodologies and frameworks used in these attacks, and learn how to configure an environment using interception proxies, automate tasks with Bash and Python, and set up a research lab. As you advance through the book, you’ll discover how to attack the SAML authentication layer; attack front-facing web applications by learning WordPress and SQL injection, and exploit vulnerabilities in IoT devices, such as command injection, by going through three CTFs and learning about the discovery of seven CVEs. Each chapter analyzes confirmed cases of exploitation mapped with MITRE ATT&CK. You’ll also analyze attacks on Electron JavaScript-based applications, such as XSS and RCE, and the security challenges of auditing and exploiting Ethereum smart contracts written in Solidity. Finally, you’ll find out how to disclose vulnerabilities.
By the end of this book, you’ll have enhanced your ability to find and exploit web vulnerabilities.

Osoby które kupowały "Attacking and Exploiting Modern Web Applications. Discover the mindset, techniques, and tools to perform modern web attacks and exploitation", wybierały także:

• Windows Media Center. Domowe centrum rozrywki 66,67 zÅ‚, (8,00 zÅ‚ -88%)
• Ruby on Rails. Ćwiczenia 18,75 zÅ‚, (3,00 zÅ‚ -84%)
• Przywództwo w Å›wiecie VUCA. Jak być skutecznym liderem w niepewnym Å›rodowisku 58,64 zÅ‚, (12,90 zÅ‚ -78%)
• Scrum. O zwinnym zarzÄ…dzaniu projektami. Wydanie II rozszerzone 58,64 zÅ‚, (12,90 zÅ‚ -78%)
• Od hierarchii do turkusu, czyli jak zarzÄ…dzać w XXI wieku 58,64 zÅ‚, (12,90 zÅ‚ -78%)

Spis treści

Attacking and Exploiting Modern Web Applications. Discover the mindset, techniques, and tools to perform modern web attacks and exploitation eBook -- spis treści

• 1. Mindset and Methodologies
• 2. Toolset for Web Attacks and Exploitation
• 3. Attacking the Authentication Layer – a SAML Use Case
• 4. Attacking Internet-Facing Web Applications – SQL Injection and Cross-Site Scripting (XSS) on WordPress
• 5. Attacking IoT Devices – Command Injection and Path Traversal
• 6. Attacking Electron JavaScript Applications – from Cross-Site Scripting (XSS) to Remote Command Execution (RCE)
• 7. Attacking Ethereum Smart Contracts – Reentrancy, Weak Sources of Randomness, and Business Logic
• 8. Continuing the Journey of Vulnerability Discovery