Ethical Hacking and Penetration Testing Guide by Rafay Baloch

Chapter 12: Web Hacking

Web applications are where the majority of attacks occur nowadays. Over the past decade, we have seen an upward progression in the layers of insecurity, with attacks moving from the physical layer up to the application layer of the OSI model. This chapter is probably going to be the biggest in this book, and we will talk about some of the most common web application attacks, along with some server-side attacking techniques and strategies.

Let’s talk about web application attacks first. Almost every web application attack is due to unvalidated input: failure to validate input upon authentication, on form fields, or other inputs such as HTTP headers and cookies. Web application hacking happens because either developers aren’t ...
