MIU
Image from Google Jackets

Web application security : exploitation and countermeasures for modern web applications / Andrew Hoffman.

By: Material type: TextTextPublisher: Sebastopol, CA : O'Reilly Media, [2020]Copyright date: ©2020Description: xxviii, 298 pages : illustrations ; 23 cmContent type:
  • text
Media type:
  • unmediated
Carrier type:
  • volume
ISBN:
  • 9781492053118
  • 1492053112
Subject(s): DDC classification:
  • 005.8 21 H.A. W 2020
LOC classification:
  • TK5105.59 .H64 2020
Contents:
The history of software security -- Introduction to web application reconnaissance -- The structure of a modern web application -- Finding subdomains -- API analysis -- Identifying third-party dependencies -- Identifying weak points in application architecture -- Introduction to hacking web applications -- Cross-site scripting (XSS) -- Cross-site request forgery (CSRF) -- XML external entity (XXE) -- Injection -- Denial of service (DoS) -- Exploiting third-party dependencies -- Securing modern web applications -- Secure application architecture -- Reviewing code for security -- Vulnerability discovery -- Vulnerability management -- Defending against XSS attacks -- Defending against CSRF attacks -- Defending against XXE -- Defending against injection -- Defending against DoS -- Securing third-party dependencies -- Conclusion.
Summary: While many resources for network and IT security are available, detailed knowledge regarding modern web application security has been lacking, until now. This practical guide provides both offensive and defensive security concepts that software engineers can easily learn and apply. Andrew Hoffman, a senior security engineer at Salesforce, introduces three pillars of web application security: recon, offense, and defense. You'll learn methods for effectively researching and analyzing modern web applications, including those you don't have direct access to. You'll also learn how to break into web applications using the latest hacking techniques. Finally, you'll learn how to develop mitigations for use in your own web applications to protect against hackers.
Tags from this library: No tags from this library for this title. Log in to add tags.
Star ratings
    Average rating: 0.0 (0 votes)
Holdings
Item type Current library Call number Status Date due Barcode
Books Books Main Library Main Stacks 005.8 H.A. W 2020 (Browse shelf(Opens below)) Available 00022151

Includes index.

The history of software security -- Introduction to web application reconnaissance -- The structure of a modern web application -- Finding subdomains -- API analysis -- Identifying third-party dependencies -- Identifying weak points in application architecture -- Introduction to hacking web applications -- Cross-site scripting (XSS) -- Cross-site request forgery (CSRF) -- XML external entity (XXE) -- Injection -- Denial of service (DoS) -- Exploiting third-party dependencies -- Securing modern web applications -- Secure application architecture -- Reviewing code for security -- Vulnerability discovery -- Vulnerability management -- Defending against XSS attacks -- Defending against CSRF attacks -- Defending against XXE -- Defending against injection -- Defending against DoS -- Securing third-party dependencies -- Conclusion.

While many resources for network and IT security are available, detailed knowledge regarding modern web application security has been lacking, until now. This practical guide provides both offensive and defensive security concepts that software engineers can easily learn and apply. Andrew Hoffman, a senior security engineer at Salesforce, introduces three pillars of web application security: recon, offense, and defense. You'll learn methods for effectively researching and analyzing modern web applications, including those you don't have direct access to. You'll also learn how to break into web applications using the latest hacking techniques. Finally, you'll learn how to develop mitigations for use in your own web applications to protect against hackers.

There are no comments on this title.

to post a comment.

Powered by Koha