
Web Application Security

Exploitation and Countermeasures for Modern Web Applications

Paperback, English, 2020

Summary

While many resources for network and IT security are available, detailed knowledge regarding modern web application security has been lacking—until now. This practical guide provides both offensive and defensive security concepts that software engineers can easily learn and apply.

Andrew Hoffman, a senior security engineer at Salesforce, introduces three pillars of web application security: recon, offense, and defense. You’ll learn methods for effectively researching and analyzing modern web applications—including those you don’t have direct access to. You’ll also learn how to break into web applications using the latest hacking techniques. Finally, you’ll learn how to develop mitigations for use in your own web applications to protect against hackers.

- Explore common vulnerabilities plaguing today's web applications
- Learn essential hacking techniques attackers use to exploit applications
- Map and document web applications for which you don’t have direct access
- Develop and deploy customized exploits that can bypass common defenses
- Develop and deploy mitigations to protect your applications against hackers
- Integrate secure coding best practices into your development lifecycle
- Get practical tips to help you improve the overall security of your web applications

Specifications

ISBN13: 9781492053118
Language: English
Binding: paperback
Number of pages: 450
Publisher: O'Reilly
Edition: 1
Publication date: 19-3-2020


About Andrew Hoffman

Andrew Hoffman is a product security lead at Salesforce.com, where he is responsible for the security of multiple JavaScript, NodeJS, and OSS teams. His expertise is in deep DOM and JavaScript security vulnerabilities. He has worked with every major browser vendor, as well as with TC39 and WHATWG, the organizations responsible for the upcoming version of JavaScript and the browser DOM spec. Prior to this role, Andrew was a software security engineer working on Locker Service, the world's first JavaScript namespace isolation library that operates from the interpreter level up. In parallel, Andrew also contributed to the upcoming JavaScript language security feature "Realms," which provides language-level namespace isolation to JavaScript.


Table of Contents

Preface
Prerequisite Knowledge and Learning Goals
Suggested Background
Minimum Required Skills
Who Benefits Most from Reading This Book?
Software Engineers and Web Application Developers
General Learning Goals
Security Engineers, Pen Testers, and Bug Bounty Hunters
How Is This Book Organized?
Recon
Offense
Defense
Language and Terminology
Summary
Conventions Used in This Book
O’Reilly Online Learning
How to Contact Us
1. The History of Software Security
The Origins of Hacking
The Enigma Machine, Circa 1930
Automated Enigma Code Cracking, Circa 1940
Introducing the “Bombe”
Telephone “Phreaking,” Circa 1950
Anti-Phreaking Technology, Circa 1960
The Origins of Computer Hacking, Circa 1980
The Rise of the World Wide Web, Circa 2000
Hackers in the Modern Era, Circa 2015+
Summary

Part I: Recon
2. Introduction to Web Application Reconnaissance
Information Gathering
Web Application Mapping
Summary

3. The Structure of a Modern Web Application
Modern Versus Legacy Web Applications
REST APIs
JavaScript Object Notation
JavaScript
Variables and Scope
Functions
Context
Prototypal Inheritance
Asynchrony
Browser DOM
SPA Frameworks
Authentication and Authorization Systems
Authentication
Authorization
Web Servers
Server-Side Databases
Client-Side Data Stores
Summary

4. Finding Subdomains
Multiple Applications per Domain
The Browser’s Built-In Network Analysis Tools
Taking Advantage of Public Records
Search Engine Caches
Accidental Archives
Social Snapshots
Zone Transfer Attacks
Brute Forcing Subdomains
Dictionary Attacks
Summary

5. API Analysis
Endpoint Discovery
Authentication Mechanisms
Endpoint Shapes
Common Shapes
Application-Specific Shapes
Summary

6. Identifying Third-Party Dependencies
Detecting Client-Side Frameworks
Detecting SPA Frameworks
Detecting JavaScript Libraries
Detecting CSS Libraries
Detecting Server-Side Frameworks
Header Detection
Default Error Messages and 404 Pages
Database Detection
Summary

7. Identifying Weak Points in Application Architecture
Secure Versus Insecure Architecture Signals
Multiple Layers of Security
Adoption and Reinvention
Summary

8. Part I Summary

Part II: Offense
9. Introduction to Hacking Web Applications
The Hacker’s Mindset
Applied Recon

10. Cross-Site Scripting (XSS)
XSS Discovery and Exploitation
Stored XSS
Reflected XSS
DOM-Based XSS
Mutation-Based XSS
Summary

11. Cross-Site Request Forgery (CSRF)
Query Parameter Tampering
Alternate GET Payloads
CSRF Against POST Endpoints
Summary

12. XML External Entity (XXE)
Direct XXE
Indirect XXE
Summary

13. Injection
SQL Injection
Code Injection
Command Injection
Summary

14. Denial of Service (DoS)
Regex DoS (ReDoS)
Logical DoS Vulnerabilities
Distributed DoS
Summary

15. Exploiting Third-Party Dependencies
Methods of Integration
Branches and Forks
Self-Hosted Application Integrations
Source Code Integration
Package Managers
JavaScript
Java
Other Languages
Common Vulnerabilities and Exposures Database
Summary

16. Part II Summary

Part III: Defense
17. Securing Modern Web Applications
Defensive Software Architecture
Comprehensive Code Reviews
Vulnerability Discovery
Vulnerability Analysis
Vulnerability Management
Regression Testing
Mitigation Strategies
Applied Recon and Offense Techniques

18. Secure Application Architecture
Analyzing Feature Requirements
Authentication and Authorization
Secure Sockets Layer and Transport Layer Security
Secure Credentials
Hashing Credentials
2FA
PII and Financial Data
Searching
Summary

19. Reviewing Code for Security
How to Start a Code Review
Archetypical Vulnerabilities Versus Custom Logic Bugs
Where to Start a Security Review
Secure-Coding Anti-Patterns
Blacklists
Boilerplate Code
Trust-By-Default Anti-Pattern
Client/Server Separation
Summary

20. Vulnerability Discovery
Security Automation
Static Analysis
Dynamic Analysis
Vulnerability Regression Testing
Responsible Disclosure Programs
Bug Bounty Programs
Third-Party Penetration Testing
Summary

21. Vulnerability Management
Reproducing Vulnerabilities
Ranking Vulnerability Severity
Common Vulnerability Scoring System
CVSS: Base Scoring
CVSS: Temporal Scoring
CVSS: Environmental Scoring
Advanced Vulnerability Scoring
Beyond Triage and Scoring
Summary

22. Defending Against XSS Attacks
Anti-XSS Coding Best Practices
Sanitizing User Input
DOMParser Sink
SVG Sink
Blob Sink
Sanitizing Hyperlinks
HTML Entity Encoding
CSS
Content Security Policy for XSS Prevention
Script Source
Unsafe Eval and Unsafe Inline
Implementing a CSP
Summary

23. Defending Against CSRF Attacks
Header Verification
CSRF Tokens
Stateless CSRF Tokens
Anti-CSRF Coding Best Practices
Stateless GET Requests
Application-Wide CSRF Mitigation
Summary

24. Defending Against XXE
Evaluating Other Data Formats
Advanced XXE Risks
Summary

25. Defending Against Injection
Mitigating SQL Injection
Detecting SQL Injection
Prepared Statements
Database-Specific Defenses
Generic Injection Defenses
Potential Injection Targets
Principle of Least Authority
Whitelisting Commands
Summary

26. Defending Against DoS
Protecting Against Regex DoS
Protecting Against Logical DoS
Protecting Against DDoS
DDoS Mitigation
Summary

27. Securing Third-Party Dependencies
Evaluating Dependency Trees
Modeling a Dependency Tree
Dependency Trees in the Real World
Automated Evaluation
Secure Integration Techniques
Separation of Concerns
Secure Package Management
Summary

28. Part III Summary
The History of Software Security
Web Application Reconnaissance
Offense
Defense

29. Conclusion

Index
