January 2024
Intermediate to advanced
444 pages
11h 10m
English
Content preview from Web Application Security, 2nd Edition
Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
Start your free trial
Conclusion
Congratulations, you have made it through each major part of Web Application Security: Exploitation and Countermeasures for Modern Web Applications. You now have knowledge regarding web application recon, offensive hacking techniques for use against web applications, and defensive mitigations and best practices that can be employed to reduce the risk of your application getting hacked.
In this Conclusion, I will point out some of the key topics discussed in each part. Consider reading through to the end and revisiting any of the following topics if you need a refresher.
The History of Software Security
With proper evaluation of historical events, we can see the origins of modern defensive and offensive techniques. From these origins we can better understand the direction in which software has developed and make use of historical lessons while developing next-generation offensive and defensive techniques. Here are the main takeaways from Chapter 1:
- Telephone phreaking
-
-
In order to scale telephone networks, manual operators were replaced with automation that relied on sound frequencies to connect telephones to each other.
-
Early hackers, known as “phreakers,” learned to emulate these frequencies and take advantage of administrative tones that allowed them to place calls without paying for them.
-
In response to phreaking, scientists at Bell Labs developed a dual-tone multifrequency (DTMF) system that was not easily reproducible. For a long period of time, this eliminated ...
-