| 000 | 02960cam a2200421 i 4500 | ||
|---|---|---|---|
| 999 |
_c14940 _d14940 |
||
| 001 | M17882 | ||
| 003 | EG-CaMIU | ||
| 005 | 20220622121858.0 | ||
| 008 | 191129t20202020caua f 001 0 eng d | ||
| 020 | _a9781492053118 | ||
| 020 | _a1492053112 | ||
| 035 | _a(OCoLC)1129100189 | ||
| 040 |
_aYDX _beng _erda _cYDX _dBDX _dCDX _dOCLCF _dJRZ _dEG-CaMIU |
||
| 050 | 0 |
_aTK5105.59 _b.H64 2020 |
|
| 082 | 0 | 0 |
_a005.8 _221 _bH.A. W 2020 |
| 090 | _a005.8 HOF | ||
| 100 | 1 |
_aHoffman, Andrew J., _eauthor. |
|
| 245 | 1 | 0 |
_aWeb application security : _bexploitation and countermeasures for modern web applications / _cAndrew Hoffman. |
| 264 | 1 |
_aSebastopol, CA : _bO'Reilly Media, _c[2020] |
|
| 264 | 4 | _c©2020 | |
| 300 |
_axxviii, 298 pages : _billustrations ; _c23 cm |
||
| 336 |
_atext _btxt _2rdacontent |
||
| 337 |
_aunmediated _bn _2rdamedia |
||
| 338 |
_avolume _bnc _2rdacarrier |
||
| 500 | _aIncludes index. | ||
| 505 | 0 | _aThe history of software security -- Introduction to web application reconnaissance -- The structure of a modern web application -- Finding subdomains -- API analysis -- Identifying third-party dependencies -- Identifying weak points in application architecture -- Introduction to hacking web applications -- Cross-site scripting (XSS) -- Cross-site request forgery (CSRF) -- XML external entity (XXE) -- Injection -- Denial of service (DoS) -- Exploiting third-party dependencies -- Securing modern web applications -- Secure application architecture -- Reviewing code for security -- Vulnerability discovery -- Vulnerability management -- Defending against XSS attacks -- Defending against CSRF attacks -- Defending against XXE -- Defending against injection -- Defending against DoS -- Securing third-party dependencies -- Conclusion. | |
| 520 | _aWhile many resources for network and IT security are available, detailed knowledge regarding modern web application security has been lacking, until now. This practical guide provides both offensive and defensive security concepts that software engineers can easily learn and apply. Andrew Hoffman, a senior security engineer at Salesforce, introduces three pillars of web application security: recon, offense, and defense. You'll learn methods for effectively researching and analyzing modern web applications, including those you don't have direct access to. You'll also learn how to break into web applications using the latest hacking techniques. Finally, you'll learn how to develop mitigations for use in your own web applications to protect against hackers. | ||
| 650 | 0 |
_aComputer networks _xSecurity measures. |
|
| 650 | 0 |
_aWorld Wide Web _xSecurity measures. |
|
| 650 | 0 | _aApplication software. | |
| 942 |
_2ddc _cBK _n005.8 H.A. W 2020 |
||
| 945 | _dCCSS | ||
| 947 |
_f1BEN _h1BARCO _q1 |
||
| 947 |
_f2UCO _h2UANF _q1 |
||
| 947 |
_f3ARA _hCDANF _q1 |
||
| 947 |
_f3ARA _hHSANF _q1 |
||
| 947 |
_f3ARA _hSSANF _q1 |
||