Chapter 12Web Hacking

Web applications are where majority of attacks are occuring now a days. Since past decade, we have seen an upward progression in the layers of insecurities where the attacks moving from Phsical layer up to application layer of the OSI model. This chapter is going to be probably the biggest in this book, and we will talk about some of the most common web application attacks, along with some server-side attacking techniques and strategies.

Let’s talk about web application attacks first. Almost every web application attack is due to unvalidated input: failure to validate input upon authentication, on form fields, or other inputs such as http headers and cookies. Web application hacking happens because either developers aren’t ...

Get Ethical Hacking and Penetration Testing Guide now with O’Reilly online learning.

O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.