Web Application Security. Exploitation and Countermeasures for Modern Web Applications - Helion

ebook

Autor: Andrew Hoffman
ISBN: 978-14-920-5306-4
stron: 330, Format: ebook
Data wydania: 2020-03-02
Księgarnia: Helion

Cena książki: 152,15 zł (poprzednio: 176,92 zł)
Oszczędzasz: 14% (-24,77 zł)

Osoby, które kupiły tę książkę, wybierały także »

While many resources for network and IT security are available, detailed knowledge regarding modern web application security has been lacking—until now. This practical guide provides both offensive and defensive security concepts that software engineers can easily learn and apply.

Andrew Hoffman, a senior security engineer at Salesforce, introduces three pillars of web application security: recon, offense, and defense. You’ll learn methods for effectively researching and analyzing modern web applications—including those you don’t have direct access to. You’ll also learn how to break into web applications using the latest hacking techniques. Finally, you’ll learn how to develop mitigations for use in your own web applications to protect against hackers.

Explore common vulnerabilities plaguing today's web applications
Learn essential hacking techniques attackers use to exploit applications
Map and document web applications for which you don’t have direct access
Develop and deploy customized exploits that can bypass common defenses
Develop and deploy mitigations to protect your applications against hackers
Integrate secure coding best practices into your development lifecycle
Get practical tips to help you improve the overall security of your web applications

Osoby które kupowały "Web Application Security. Exploitation and Countermeasures for Modern Web Applications", wybierały także:

Windows Media Center. Domowe centrum rozrywki 66,67 zł, (8,00 zł -88%)
Ruby on Rails. Ćwiczenia 18,75 zł, (3,00 zł -84%)
DevOps w praktyce. Kurs video. Jenkins, Ansible, Terraform i Docker 190,00 zł, (39,90 zł -79%)
Przywództwo w świecie VUCA. Jak być skutecznym liderem w niepewnym środowisku 58,64 zł, (12,90 zł -78%)
Scrum. O zwinnym zarządzaniu projektami. Wydanie II rozszerzone 58,64 zł, (12,90 zł -78%)

Spis treści

Web Application Security. Exploitation and Countermeasures for Modern Web Applications eBook -- spis treści

Preface
- Prerequisite Knowledge and Learning Goals
- Suggested Background
- Minimum Required Skills
- Who Benefits Most from Reading This Book?
  - Software Engineers and Web Application Developers
    - Software engineers
    - Web application developers
  - General Learning Goals
  - Security Engineers, Pen Testers, and Bug Bounty Hunters
- How Is This Book Organized?
  - Recon
    - Why is recon important?
  - Offense
    - Vulnerabilities considered in depth
  - Defense
    - Trade-off evaluation
- Language and Terminology
- Summary
- Conventions Used in This Book
- OReilly Online Learning
- How to Contact Us
1. The History of Software Security
- The Origins of Hacking
- The Enigma Machine, Circa 1930
- Automated Enigma Code Cracking, Circa 1940
  - Introducing the Bombe
- Telephone Phreaking, Circa 1950
- Anti-Phreaking Technology, Circa 1960
- The Origins of Computer Hacking, Circa 1980
- The Rise of the World Wide Web, Circa 2000
- Hackers in the Modern Era, Circa 2015+
- Summary
I. Recon
2. Introduction to Web Application Reconnaissance
- Information Gathering
- Web Application Mapping
- Summary
3. The Structure of a Modern Web Application
- Modern Versus Legacy Web Applications
- REST APIs
- JavaScript Object Notation
- JavaScript
  - Variables and Scope
  - Functions
  - Context
  - Prototypal Inheritance
  - Asynchrony
  - Browser DOM
- SPA Frameworks
- Authentication and Authorization Systems
  - Authentication
  - Authorization
- Web Servers
- Server-Side Databases
- Client-Side Data Stores
- Summary
4. Finding Subdomains
- Multiple Applications per Domain
- The Browsers Built-In Network Analysis Tools
- Taking Advantage of Public Records
  - Search Engine Caches
  - Accidental Archives
  - Social Snapshots
    - Twitter API
- Zone Transfer Attacks
- Brute Forcing Subdomains
- Dictionary Attacks
- Summary
5. API Analysis
- Endpoint Discovery
- Authentication Mechanisms
- Endpoint Shapes
  - Common Shapes
  - Application-Specific Shapes
- Summary
6. Identifying Third-Party Dependencies
- Detecting Client-Side Frameworks
  - Detecting SPA Frameworks
    - EmberJS
    - AngularJS
    - React
    - VueJS
  - Detecting JavaScript Libraries
  - Detecting CSS Libraries
- Detecting Server-Side Frameworks
  - Header Detection
  - Default Error Messages and 404 Pages
  - Database Detection
- Summary
7. Identifying Weak Points in Application Architecture
- Secure Versus Insecure Architecture Signals
- Multiple Layers of Security
- Adoption and Reinvention
- Summary
8. Part I Summary
II. Offense
9. Introduction to Hacking Web Applications
- The Hackers Mindset
- Applied Recon
10. Cross-Site Scripting (XSS)
- XSS Discovery and Exploitation
- Stored XSS
- Reflected XSS
- DOM-Based XSS
- Mutation-Based XSS
- Summary
11. Cross-Site Request Forgery (CSRF)
- Query Parameter Tampering
- Alternate GET Payloads
- CSRF Against POST Endpoints
- Summary
12. XML External Entity (XXE)
- Direct XXE
- Indirect XXE
- Summary
13. Injection
- SQL Injection
- Code Injection
- Command Injection
- Summary
14. Denial of Service (DoS)
- regex DoS (ReDoS)
- Logical DoS Vulnerabilities
- Distributed DoS
- Summary
15. Exploiting Third-Party Dependencies
- Methods of Integration
  - Branches and Forks
  - Self-Hosted Application Integrations
  - Source Code Integration
- Package Managers
  - JavaScript
  - Java
  - Other Languages
- Common Vulnerabilities and Exposures Database
- Summary
16. Part II Summary
III. Defense
17. Securing Modern Web Applications
- Defensive Software Architecture
- Comprehensive Code Reviews
- Vulnerability Discovery
- Vulnerability Analysis
- Vulnerability Management
- Regression Testing
- Mitigation Strategies
- Applied Recon and Offense Techniques
18. Secure Application Architecture
- Analyzing Feature Requirements
- Authentication and Authorization
  - Secure Sockets Layer and Transport Layer Security
  - Secure Credentials
  - Hashing Credentials
    - BCrypt
    - PBKDF2
  - 2FA
- PII and Financial Data
- Searching
- Summary
19. Reviewing Code for Security
- How to Start a Code Review
- Archetypical Vulnerabilities Versus Custom Logic Bugs
- Where to Start a Security Review
- Secure-Coding Anti-Patterns
  - Blacklists
  - Boilerplate Code
  - Trust-By-Default Anti-Pattern
  - Client/Server Separation
- Summary
20. Vulnerability Discovery
- Security Automation
  - Static Analysis
  - Dynamic Analysis
  - Vulnerability Regression Testing
- Responsible Disclosure Programs
- Bug Bounty Programs
- Third-Party Penetration Testing
- Summary
21. Vulnerability Management
- Reproducing Vulnerabilities
- Ranking Vulnerability Severity
- Common Vulnerability Scoring System
  - CVSS: Base Scoring
  - CVSS: Temporal Scoring
  - CVSS: Environmental Scoring
- Advanced Vulnerability Scoring
- Beyond Triage and Scoring
- Summary
22. Defending Against XSS Attacks
- Anti-XSS Coding Best Practices
- Sanitizing User Input
  - DOMParser Sink
  - SVG Sink
  - Blob Sink
  - Sanitizing Hyperlinks
  - HTML Entity Encoding
- CSS
- Content Security Policy for XSS Prevention
  - Script Source
  - Unsafe Eval and Unsafe Inline
  - Implementing a CSP
- Summary
23. Defending Against CSRF Attacks
- Header Verification
- CSRF Tokens
  - Stateless CSRF Tokens
- Anti-CRSF Coding Best Practices
  - Stateless GET Requests
  - Application-Wide CSRF Mitigation
    - Anti-CSRF middleware
- Summary
24. Defending Against XXE
- Evaluating Other Data Formats
- Advanced XXE Risks
- Summary
25. Defending Against Injection
- Mitigating SQL Injection
  - Detecting SQL Injection
  - Prepared Statements
  - Database-Specific Defenses
- Generic Injection Defenses
  - Potential Injection Targets
  - Principle of Least Authority
  - Whitelisting Commands
- Summary
26. Defending Against DoS
- Protecting Against Regex DoS
- Protecting Against Logical DoS
- Protecting Against DDoS
  - DDoS Mitigation
- Summary
27. Securing Third-Party Dependencies
- Evaluating Dependency Trees
  - Modeling a Dependency Tree
  - Dependency Trees in the Real World
  - Automated Evaluation
- Secure Integration Techniques
  - Separation of Concerns
  - Secure Package Management
- Summary
28. Part III Summary
- The History of Software Security
- Web Application Reconnaissance
- Offense
- Defense
29. Conclusion
Index