14 Being an unwitting accomplice

In this chapter

  • How hackers launch HTTP requests from your server
  • How hackers spoof emails
  • How hackers use open redirects

“No man is an island,” wrote the 17th-century metaphysical poet John Donne. The same can be said for web applications. Our applications exist on networks that are connected to most of the world’s computers, so they are very much whatever the opposite of an island is. (Donne was less clear on what that is. A hillock? An isthmus? A precinct?)

Because web apps are hyperconnected, it makes sense that attackers sometimes use one web application as a jumping-off point for attacking another. They may use this technique to hide their trail, or they may use it simply because the servers running the ...
