Conclusion

Congratulations, you have made it through each major part of Web Application Security: Exploitation and Countermeasures for Modern Web Applications. You now have knowledge regarding web application recon, offensive hacking techniques for use against web applications, and defensive mitigations and best practices that can be employed to reduce the risk of your application getting hacked.

In this Conclusion, I will point out some of the key topics discussed in each part. Consider reading through to the end and revisiting any of the following topics if you need a refresher.

The History of Software Security

With proper evaluation of historical events, we can see the origins of modern defensive and offensive techniques. From these origins we can better understand the direction in which software has developed and make use of historical lessons while developing next-generation offensive and defensive techniques. Here are the main takeaways from Chapter 1:

Telephone phreaking
  • In order to scale telephone networks, manual operators were replaced with automation that relied on sound frequencies to connect telephones to each other.

  • Early hackers, known as “phreakers,” learned to emulate these frequencies and take advantage of administrative tones that allowed them to place calls without paying for them.

  • In response to phreaking, scientists at Bell Labs developed a dual-tone multifrequency (DTMF) system that was not easily reproducible. For a long period of time, this eliminated ...
