Web Intrusion Tests
The purpose of this whole book was mainly to get to this topic: the Web Intrusion Test, also known as the Web Penetration Test. You probably bought the book because of this topic, but you need to know that web penetration testing is only one piece of the puzzle. In order to achieve a successful, full penetration test, you need to include Threat Modeling, Source Code Review, and network pentests, as well.
The Chapter 7, Application Threat Modeling, should have given you an architectural overview of web applications, and the Source Code Review should've given you a deep understanding too. Don't forget network pentests, which can reveal interesting vulnerabilities. I've created this sequence of chapters for a reason—to reflect ...
Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.
Read now
Unlock full access