book

The Web Application Hacker's Handbook, 2nd Edition

Name: The Web Application Hacker's Handbook, 2nd Edition
ISBN: 9781118026472

by Dafydd Stuttard, Marcus Pinto

September 2011

Intermediate to advanced

912 pages

25h 4m

English

Wiley

Read now

Unlock full access

Cover
Title
Copyright
About the Authors
About the Technical Editor
MDSec: The Authors’ Company
Credits
Acknowledgments
Introduction
Overview of This BookWho Should Read This BookHow This Book Is OrganizedWhat's New in This EditionTools You Will NeedWhat's on the WebsiteBring It On
Chapter 1: Web Application (In)security
The Evolution of Web ApplicationsWeb Application SecuritySummary

Chapter 2: Core Defense Mechanisms
Handling User AccessHandling User InputHandling AttackersManaging the ApplicationSummaryQuestions
Chapter 3: Web Application Technologies
The HTTP ProtocolWeb FunctionalityEncoding SchemesNext StepsQuestions
Chapter 4: Mapping the Application
Enumerating Content and FunctionalityAnalyzing the ApplicationSummaryQuestions
Chapter 5: Bypassing Client-Side Controls
Transmitting Data Via the ClientCapturing User Data: HTML FormsCapturing User Data: Browser ExtensionsHandling Client-Side Data SecurelySummaryQuestions
Chapter 6: Attacking Authentication
Authentication TechnologiesDesign Flaws in Authentication MechanismsImplementation Flaws in AuthenticationSecuring AuthenticationSummaryQuestions
Chapter 7: Attacking Session Management
The Need for StateWeaknesses in Token GenerationWeaknesses in Session Token HandlingSecuring Session ManagementSummaryQuestions
Chapter 8: Attacking Access Controls
Common VulnerabilitiesAttacking Access ControlsSecuring Access ControlsSummaryQuestions
Chapter 9: Attacking Data Stores
Injecting into Interpreted ContextsInjecting into SQLInjecting into NoSQLInjecting into XPathInjecting into LDAPSummaryQuestions
Chapter 10: Attacking Back-End Components
Injecting OS CommandsManipulating File PathsInjecting into XML InterpretersInjecting into Back-end HTTP RequestsInjecting into Mail ServicesSummaryQuestions
Chapter 11: Attacking Application Logic
The Nature of Logic FlawsReal-World Logic FlawsAvoiding Logic FlawsSummaryQuestions
Chapter 12: Attacking Users: Cross-Site Scripting
Varieties of XSSXSS Attacks in ActionFinding and Exploiting XSS VulnerabilitiesPreventing XSS AttacksSummaryQuestions
Chapter 13: Attacking Users: Other Techniques
Inducing User ActionsCapturing Data Cross-DomainThe Same-Origin Policy RevisitedOther Client-Side Injection AttacksLocal Privacy AttacksAttacking ActiveX ControlsAttacking the BrowserSummaryQuestions
Chapter 14: Automating Customized Attacks
Uses for Customized AutomationEnumerating Valid IdentifiersHarvesting Useful DataFuzzing for Common VulnerabilitiesPutting It All Together: Burp IntruderBarriers to AutomationSummaryQuestions
Chapter 15: Exploiting Information Disclosure
Exploiting Error MessagesGathering Published InformationUsing InferencePreventing Information LeakageSummaryQuestions
Chapter 16: Attacking Native Compiled Applications
Buffer Overflow VulnerabilitiesInteger VulnerabilitiesFormat String VulnerabilitiesSummaryQuestions
Chapter 17: Attacking Application Architecture
Tiered ArchitecturesShared Hosting and Application Service ProvidersSummaryQuestions
Chapter 18: Attacking the Application Server
Vulnerable Server ConfigurationVulnerable Server SoftwareWeb Application FirewallsSummaryQuestions
Chapter 19: Finding Vulnerabilities in Source Code
Approaches to Code ReviewSignatures of Common VulnerabilitiesThe Java PlatformASP.NETPHPPerlJavaScriptDatabase Code ComponentsTools for Code BrowsingSummaryQuestions
Chapter 20: A Web Application Hacker's Toolkit
Web BrowsersIntegrated Testing SuitesStandalone Vulnerability ScannersOther ToolsSummary
Chapter 21: A Web Application Hacker's Methodology
General Guidelines1 Map the Application's Content2 Analyze the Application3 Test Client-Side Controls4 Test the Authentication Mechanism5 Test the Session Management Mechanism6 Test Access Controls7 Test for Input-Based Vulnerabilities8 Test for Function-Specific Input Vulnerabilities9 Test for Logic Flaws10 Test for Shared Hosting Vulnerabilities11 Test for Application Server Vulnerabilities12 Miscellaneous Checks13 Follow Up Any Information Leakage
Index
End User License Agreement

Overview

The highly successful security book returns with a new edition, completely updated

Web applications are the front door to most organizations, exposing them to attacks that may disclose personal information, execute fraudulent transactions, or compromise ordinary users. This practical book has been completely updated and revised to discuss the latest step-by-step techniques for attacking and defending the range of ever-evolving web applications. You'll explore the various new technologies employed in web applications that have appeared since the first edition and review the new attack techniques that have been developed, particularly in relation to the client side.

Reveals how to overcome the new technologies and techniques aimed at defending web applications against attacks that have appeared since the previous edition
Discusses new remoting frameworks, HTML5, cross-domain integration techniques, UI redress, framebusting, HTTP parameter pollution, hybrid file attacks, and more
Features a companion web site hosted by the authors that allows readers to try out the attacks described, gives answers to the questions that are posed at the end of each chapter, and provides a summarized methodology and checklist of tasks

Focusing on the areas of web application security where things have changed in recent years, this book is the most current resource on the critical topic of discovering, exploiting, and preventing web application security flaws.

Also available as a set with, CEHv8: Certified Hacker Version 8 Study Guide, Ethical Hacking and Web Hacking Set, 9781119072171.

Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.

Read now

Unlock full access

More than 5,000 organizations count on O’Reilly

O’Reilly covers everything we've got, with content to help us build a world-class technology community, upgrade the capabilities and competencies of our teams, and improve overall team performance as well as their engagement.

Julian F.

Head of Cybersecurity

I wanted to learn C and C++, but it didn't click for me until I picked up an O'Reilly book. When I went on the O’Reilly platform, I was astonished to find all the books there, plus live events and sandboxes so you could play around with the technology.

Addison B.

Field Engineer

I’ve been on the O’Reilly platform for more than eight years. I use a couple of learning platforms, but I'm on O'Reilly more than anybody else. When you're there, you start learning. I'm never disappointed.

Amir M.

Data Platform Tech Lead

I'm always learning. So when I got on to O'Reilly, I was like a kid in a candy store. There are playlists. There are answers. There's on-demand training. It's worth its weight in gold, in terms of what it allows me to do.

Mark W.

Embedded Software Engineer

Publisher Resources

ISBN: 9781118026472Purchase book

Cloud Computing

Data Engineering

Data Science

AI & ML

Programming Languages

Software Architecture

IT/Ops

Security

Design

Business

Soft Skills