Chapter 7. Web Application Attacks

In this chapter, we will explore various methods of testing web applications using freely available tools such as your web browser, w3af, WebScarab, and others. We will also discuss methods of bypassing web application firewalls and IDSs, and how to determine if your targets are being load balanced or filtered. This chapter does require significant lab preparation. If you are not following the examples, you may want to bypass these portions.

Tip

There are numerous methods of performing this type of testing. We would need to dedicate an entire book to cover them all. Keeping this in mind, we have provided guidance on techniques that are most beneficial when targeting secured environments.

Businesses will typically ...
