| 000 -LEADER |
|---|
| fixed length control field |
02960cam a2200421 i 4500 |
| 001 - CONTROL NUMBER |
|---|
| control field |
M17882 |
| 003 - CONTROL NUMBER IDENTIFIER |
|---|
| control field |
EG-CaMIU |
| 005 - DATE AND TIME OF LATEST TRANSACTION |
|---|
| control field |
20220622121858.0 |
| 008 - FIXED-LENGTH DATA ELEMENTS--GENERAL INFORMATION |
|---|
| fixed length control field |
191129t20202020caua f 001 0 eng d |
| 020 ## - INTERNATIONAL STANDARD BOOK NUMBER |
|---|
| International Standard Book Number |
9781492053118 |
| 020 ## - INTERNATIONAL STANDARD BOOK NUMBER |
|---|
| International Standard Book Number |
1492053112 |
| 035 ## - SYSTEM CONTROL NUMBER |
|---|
| System control number |
(OCoLC)1129100189 |
| 040 ## - CATALOGING SOURCE |
|---|
| Original cataloging agency |
YDX |
| Language of cataloging |
eng |
| Description conventions |
rda |
| Transcribing agency |
YDX |
| Modifying agency |
BDX |
| -- |
CDX |
| -- |
OCLCF |
| -- |
JRZ |
| -- |
EG-CaMIU |
| 050 #0 - LIBRARY OF CONGRESS CALL NUMBER |
|---|
| Classification number |
TK5105.59 |
| Item number |
.H64 2020 |
| 082 00 - DEWEY DECIMAL CLASSIFICATION NUMBER |
|---|
| Classification number |
005.8 |
| Edition number |
21 |
| Item number |
H.A. W 2020 |
| 090 ## - LOCALLY ASSIGNED LC-TYPE CALL NUMBER (OCLC); LOCAL CALL NUMBER (OCLC) |
|---|
| Classification number (OCLC) (R) ; Classification number, CALL (RLIN) (NR) |
005.8 HOF |
| 100 1# - MAIN ENTRY--PERSONAL NAME |
|---|
| Personal name |
Hoffman, Andrew J., |
| Relator term |
author. |
| 245 10 - TITLE STATEMENT |
|---|
| Title |
Web application security : |
| Remainder of title |
exploitation and countermeasures for modern web applications / |
| Statement of responsibility, etc |
Andrew Hoffman. |
| 264 #1 - PUBLICATION, DISTRIBUTION, ETC. (IMPRINT) |
|---|
| Place of publication, distribution, etc |
Sebastopol, CA : |
| Name of publisher, distributor, etc |
O'Reilly Media, |
| Date of publication, distribution, etc |
[2020] |
| 264 #4 - PUBLICATION, DISTRIBUTION, ETC. (IMPRINT) |
|---|
| Date of publication, distribution, etc |
©2020 |
| 300 ## - PHYSICAL DESCRIPTION |
|---|
| Extent |
xxviii, 298 pages : |
| Other physical details |
illustrations ; |
| Dimensions |
23 cm |
| 336 ## - CONTENT TYPE |
|---|
| Content type term |
text |
| Content type code |
txt |
| Source |
rdacontent |
| 337 ## - MEDIA TYPE |
|---|
| Media type term |
unmediated |
| Media type code |
n |
| Source |
rdamedia |
| 338 ## - CARRIER TYPE |
|---|
| Carrier type term |
volume |
| Carrier type code |
nc |
| Source |
rdacarrier |
| 500 ## - GENERAL NOTE |
|---|
| General note |
Includes index. |
| 505 0# - FORMATTED CONTENTS NOTE |
|---|
| Formatted contents note |
The history of software security -- Introduction to web application reconnaissance -- The structure of a modern web application -- Finding subdomains -- API analysis -- Identifying third-party dependencies -- Identifying weak points in application architecture -- Introduction to hacking web applications -- Cross-site scripting (XSS) -- Cross-site request forgery (CSRF) -- XML external entity (XXE) -- Injection -- Denial of service (DoS) -- Exploiting third-party dependencies -- Securing modern web applications -- Secure application architecture -- Reviewing code for security -- Vulnerability discovery -- Vulnerability management -- Defending against XSS attacks -- Defending against CSRF attacks -- Defending against XXE -- Defending against injection -- Defending against DoS -- Securing third-party dependencies -- Conclusion. |
| 520 ## - SUMMARY, ETC. |
|---|
| Summary, etc |
While many resources for network and IT security are available, detailed knowledge regarding modern web application security has been lacking, until now. This practical guide provides both offensive and defensive security concepts that software engineers can easily learn and apply. Andrew Hoffman, a senior security engineer at Salesforce, introduces three pillars of web application security: recon, offense, and defense. You'll learn methods for effectively researching and analyzing modern web applications, including those you don't have direct access to. You'll also learn how to break into web applications using the latest hacking techniques. Finally, you'll learn how to develop mitigations for use in your own web applications to protect against hackers. |
| 650 #0 - SUBJECT ADDED ENTRY--TOPICAL TERM |
|---|
| Topical term or geographic name as entry element |
Computer networks |
| General subdivision |
Security measures. |
| 650 #0 - SUBJECT ADDED ENTRY--TOPICAL TERM |
|---|
| Topical term or geographic name as entry element |
World Wide Web |
| General subdivision |
Security measures. |
| 650 #0 - SUBJECT ADDED ENTRY--TOPICAL TERM |
|---|
| Topical term or geographic name as entry element |
Application software. |
| 942 ## - ADDED ENTRY ELEMENTS (KOHA) |
|---|
| Source of classification or shelving scheme |
|
| Item type |
Books |
| Suppress in OPAC |
005.8 H.A. W 2020 |
| 945 ## - LOCAL PROCESSING INFORMATION (OCLC) |
|---|
| d |
CS |
| 947 ## - LOCAL PROCESSING INFORMATION (OCLC) |
|---|
| f |
1BEN |
| h |
1BARCO |
| q |
1 |
| 947 ## - LOCAL PROCESSING INFORMATION (OCLC) |
|---|
| f |
2UCO |
| h |
2UANF |
| q |
1 |
| 947 ## - LOCAL PROCESSING INFORMATION (OCLC) |
|---|
| f |
3ARA |
| h |
CDANF |
| q |
1 |
| 947 ## - LOCAL PROCESSING INFORMATION (OCLC) |
|---|
| f |
3ARA |
| h |
HSANF |
| q |
1 |
| 947 ## - LOCAL PROCESSING INFORMATION (OCLC) |
|---|
| f |
3ARA |
| h |
SSANF |
| q |
1 |
