June 2021
Beginner to intermediate
355 pages
5h 5m
Chinese
Content preview from Web应用程序安全
Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
O’Reilly covers everything we've got, with content to help us build a world-class technology community, upgrade the capabilities and competencies of our teams, and improve overall team performance as well as their engagement.I wanted to learn C and C++, but it didn't click for me until I picked up an O'Reilly book. When I went on the O’Reilly platform, I was astonished to find all the books there, plus live events and sandboxes so you could play around with the technology.I’ve been on the O’Reilly platform for more than eight years. I use a couple of learning platforms, but I'm on O'Reilly more than anybody else. When you're there, you start learning. I'm never disappointed.I'm always learning. So when I got on to O'Reilly, I was like a kid in a candy store. There are playlists. There are answers. There's on-demand training. It's worth its weight in gold, in terms of what it allows me to do.
现代
Web
应用加固
|
229
17.8
应用侦察和攻击技术
在进入第三部分之前,我们在第一部分和第二部分所学的技巧并不是必需的。
但是,对侦察和攻击技术的深入理解,会让你深入掌握如何建立更强大的防
御体系,否则无法取得这样的效果。
在保护
Web
应用程序安全的过程中,请牢记从第一部分中学到的侦察技术。
这些技术将使你深入了解如何伪装你的应用程序以避免被外人所见。它们还
将使你了解如何确定修补程序的优先级,因为你会注意到某些漏洞比其他漏
洞更容易找到。
第二部分中的材料在本节中也很有价值。通过了解黑客为了突破
Web
应用程
序而寻找的常见漏洞,你将会更好地了解,你可以设置哪些类型的防御措施
来减轻这种攻击。关于特定类型的漏洞的知识也有助于你确定修复的优先级,
因为你将了解如果在你的
Web
应用程序中发现了这些漏洞,你的数据将面临
什么样的风险。
本书不是一个综合性的、无所不能的参考书,但也提供了足够的基础知识,
让你在侦察、攻击和防御这三个部分中的任何一个中都能找到更多的信息。
完成这三个部分内容的学习之后,就能让你有一个基础,了解如何在侦察技术、
漏洞和缓解方法方面进行交流。掌握了这些知识,你就可以轻松地加快软件
安全技术学习,并开始指导自学过程,进入你希望精通的那些相关安全领域。
Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.
Read now
Unlock full access
More than 5,000 organizations count on O’Reilly
O’Reilly covers everything we've got, with content to help us build a world-class technology community, upgrade the capabilities and competencies of our teams, and improve overall team performance as well as their engagement.Julian F.
I wanted to learn C and C++, but it didn't click for me until I picked up an O'Reilly book. When I went on the O’Reilly platform, I was astonished to find all the books there, plus live events and sandboxes so you could play around with the technology.Addison B.
I’ve been on the O’Reilly platform for more than eight years. I use a couple of learning platforms, but I'm on O'Reilly more than anybody else. When you're there, you start learning. I'm never disappointed.Amir M.
I'm always learning. So when I got on to O'Reilly, I was like a kid in a candy store. There are playlists. There are answers. There's on-demand training. It's worth its weight in gold, in terms of what it allows me to do.