8. Protecting a Flawed Web Application: Buggy Bank
“Give a man an audit and he will be secure for a day. Teach a man to audit and he will be secure for the rest of his life.”
—David Rhoades
So, you want to put the knowledge that you learned in Chapter 7 to use, huh? In order to do this, you first must have an application that has some known vulnerabilities to use as the target. Do you have access to such an application? The common response is no, since due diligence requires that any vulnerabilities should have already had an appropriate patch or fix applied. Another option would be to probe and test someone else’s web server; however, this is not a good idea unless your future plan is to fine-tune your web security skills while sitting in jail. ...
Get Preventing Web Attacks with Apache now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.