Web Application Security. 2nd Edition Andrew Hoffman

Web Application Security. 2nd Edition Andrew Hoffman - okladka książki

Autor:: Andrew Hoffman
Wydawnictwo:: O'Reilly Media (Z chęcią przeczytam książkę w języku polskim)
Ocena:: Bądź pierwszym, który oceni tę książkę
Stron:: 444
Dostępne formaty:: ePub

Mobi

Ebook 29,90 zł najniższa cena z 30 dni

~~249,00 zł~~ (-15%)
211,65 zł

Dodaj do koszyka lub Kup na prezent Kup 1-kliknięciem

29,90 zł najniższa cena z 30 dni

Przenieś na półkę

Do przechowalni

Najczęściej kupowane razem

Web Application Security. 2nd Edition Andrew Hoffman

Bezpieczeństwo nowoczesnych aplikacji internetowych. Przewodnik po zabezpieczeniach Andrew Hoffman

Modern Business Analytics Deanne Larson

Cena zestawu: 452.79 zł

Zyskujesz: 104.21 zł (-19%)

Dodaj do koszyka

In the first edition of this critically acclaimed book, Andrew Hoffman defined the three pillars of application security: reconnaissance, offense, and defense. In this revised and updated second edition, he examines dozens of related topics, from the latest types of attacks and mitigations to threat modeling, the secure software development lifecycle (SSDL/SDLC), and more.

Hoffman, senior staff security engineer at Ripple, also provides information regarding exploits and mitigations for several additional web application technologies such as GraphQL, cloud-based deployments, content delivery networks (CDN) and server-side rendering (SSR). Following the curriculum from the first book, this second edition is split into three distinct pillars comprising three separate skill sets:

Pillar 1: Recon—Learn techniques for mapping and documenting web applications remotely, including procedures for working with web applications
Pillar 2: Offense—Explore methods for attacking web applications using a number of highly effective exploits that have been proven by the best hackers in the world. These skills are valuable when used alongside the skills from Pillar 3.
Pillar 3: Defense—Build on skills acquired in the first two parts to construct effective and long-lived mitigations for each of the attacks described in Pillar 2.

Wybrane bestsellery

O autorze książki

Andrew Hoffman jest starszym inżynierem do spraw bezpieczeństwa w Salesforce.com. Specjalizuje się w zabezpieczeniach drzewa DOM i JavaScriptu. Pracował z dostawcami wszystkich najważniejszych przeglądarek oraz z organizacjami TC39 i WHATWG. Bada również zagadnienia „bezstanowych (bezpiecznych/czystych) modułów”, umożliwiających wykonywanie kodu JavaScript przy znacznie zmniejszonym ryzyku.

Ebooka "Web Application Security. 2nd Edition" przeczytasz na:

czytnikach Inkbook, Kindle, Pocketbook, Onyx Boox i innych
systemach Windows, MacOS i innych

systemach Windows, Android, iOS, HarmonyOS
na dowolnych urządzeniach i aplikacjach obsługujących formaty: PDF, EPub, Mobi

Masz pytania? Zajrzyj do zakładki Pomoc »

Audiobooka "Web Application Security. 2nd Edition" posłuchasz:

w aplikacji Ebookpoint na Android, iOS, HarmonyOs
na systemach Windows, MacOS i innych

na dowolonych urządzeniach
i aplikacjach obsługujących format MP3
(pliki spakowane w ZIP)

Masz pytania? Zajrzyj do zakładki Pomoc »

Kurs Video "Web Application Security. 2nd Edition" zobaczysz:

Oceny i opinie klientów: Web Application Security. 2nd Edition Andrew Hoffman (0)

Szczegóły książki

ISBN Ebooka:: 978-10-981-4389-3, 9781098143893
Data wydania ebooka :: 2024-01-17 Data wydania ebooka często jest dniem wprowadzenia tytułu do sprzedaży i może nie być równoznaczna z datą wydania książki papierowej. Dodatkowe informacje możesz znaleźć w darmowym fragmencie. Jeśli masz wątpliwości skontaktuj się z nami sklep@ebookpoint.pl.
Język publikacji:: 1
Rozmiar pliku ePub:: 13MB
Rozmiar pliku Mobi:: 32.1MB

Zgłoś erratę

Kategorie

Kliknij, aby zgłosić błędnie przypisaną kategorię »

Informatyka » Hacking » Bezpieczeństwo WWW

Spis treści książki

Preface
- Changes from the First Edition
- Prerequisite Knowledge and Learning Goals
- Why Are Examples in JavaScript?
- Why Teach Concepts Instead of Tools?
- Suggested Background
- Minimum Required Skills
- Who Benefits Most from Reading This Book?
  - Software Engineers and Web Application Developers
    - Software engineers
    - Web application developers
  - General Learning Goals
  - Security Engineers, Pen Testers, and Bug Bounty Hunters
- How Is This Book Organized?
  - Recon
  - Offense
  - Defense
- Language and Terminology
- Summary
- Conventions Used in This Book
- OReilly Online Learning
- How to Contact Us
- Acknowledgments
1. The History of Software Security
- The Origins of Hacking
- The Enigma Machine, Circa 1930
- Automated Enigma Code Cracking, Circa 1940
- Telephone Phreaking, Circa 1950
- Anti-Phreaking Technology, Circa 1960
- The Origins of Computer Hacking, Circa 1980
- The Rise of the World Wide Web, Circa 2000
- Hackers in the Modern Era, Circa 2015+
- Summary
I. Recon
2. Introduction to Web Application Reconnaissance
- Information Gathering
- Web Application Mapping
- Summary
3. The Structure of a Modern Web Application
- Modern Versus Legacy Web Applications
- REST APIs
- JavaScript Object Notation
- JavaScript
  - Variables and Scope
  - Functions
  - Context
  - Prototypal Inheritance
  - Asynchrony
  - Browser DOM
- SPA Frameworks
- Authentication and Authorization Systems
  - Authentication
  - Authorization
- Web Servers
- Server-Side Databases
- Client-Side Data Stores
- GraphQL
- Version Control Systems
- CDN/Cache
- Summary
4. Finding Subdomains
- Multiple Applications per Domain
- The Browsers Built-In Network Analysis Tools
- Taking Advantage of Public Records
  - Search Engine Caches
  - Accidental Archives
  - Social Snapshots
    - Twitter API
- Zone Transfer Attacks
- Brute Forcing Subdomains
- Dictionary Attacks
- Summary
5. API Analysis
- Endpoint Discovery
- Authentication Mechanisms
- Endpoint Shapes
  - Common Shapes
  - Application-Specific Shapes
- Summary
6. Identifying Third-Party Dependencies
- Detecting Client-Side Frameworks
  - Detecting SPA Frameworks
    - EmberJS
    - Angular
    - React
    - VueJS
  - Detecting JavaScript Libraries
  - Detecting CSS Libraries
- Detecting Server-Side Frameworks
  - Header Detection
  - Default Error Messages and 404 Pages
  - Database Detection
- Summary
7. Identifying Weak Points in Application Architecture
- Secure Versus Insecure Architecture Signals
- Multiple Layers of Security
- Adoption and Reinvention
- Summary
8. Part I Summary
II. Offense
9. Introduction to Hacking Web Applications
- The Hackers Mindset
- Applied Recon
10. Cross-Site Scripting
- XSS Discovery and Exploitation
- Stored XSS
- Reflected XSS
- DOM-Based XSS
- Mutation-Based XSS
- Bypassing Filters
  - Self-Closing HTML Tags
  - Protocol-Relative URLs
  - Malformed Tags
  - Encoding Escapes
  - Polyglot Payloads
- XSS Sinks and Sources
- Summary
11. Cross-Site Request Forgery
- Query Parameter Tampering
- Alternate GET Payloads
- CSRF Against POST Endpoints
- Bypassing CSRF Defenses
  - Header Validation
  - Token Pools
  - Weak Tokens
  - Content Types
  - Regex Filter Bypasses
  - Iframe Payloads
  - AJAX Payloads
  - Zero Interaction Forms
- Summary
12. XML External Entity
- XXE Fundamentals
- Direct XXE
- Indirect XXE
- Out-of-Band Data Exfiltration
- Account Takeover Workflow
  - Obtaining System User Data
  - Obtaining Password Hashes
  - Cracking Password Hashes
  - SSH Remote Login
- Summary
13. Injection
- SQL Injection
- Code Injection
- Command Injection
- Injection Data Exfiltration Techniques
  - Data Exfiltration Fundamentals
  - In-Band Data Exfiltration
  - Out-of-Band Data Exfiltration
  - Inferential Data Exfiltration
- Bypassing Common Defenses
- Summary
14. Denial of Service
- Regex DoS
- Logical DoS Vulnerabilities
- Distributed DoS
- Advanced DoS
  - YoYo Attacks
  - Compression Attacks
  - Proxy-Based DoS
- Summary
15. Attacking Data and Objects
- Mass Assignment
- Insecure Direct Object Reference
- Serialization Attacks
  - Web Serialization Explained
  - Attacking Weak Serialization
- Summary
16. Client-Side Attacks
- Methods of Attacking a Browser Client
  - Client-Targeted Attacks
  - Client-Specific Attacks
- Advantages of Client-Side Attacks
- Prototype Pollution Attacks
  - Understanding Prototype Pollution
  - Attacking with Prototype Pollution
  - Prototype Pollution Archetypes
    - Denial of service
    - Property injection
    - Remote code execution
- Clickjacking Attacks
  - Camera and Microphone Exploit
  - Creating Clickjacking Exploits
- Tabnabbing and Reverse Tabnabbing
  - Traditional Tabnabbing
  - Reverse Tabnabbing
    - DOM API attack
    - HTML link attack
    - Iframe attack
- Summary
17. Exploiting Third-Party Dependencies
- Methods of Integration
  - Branches and Forks
  - Self-Hosted Application Integrations
  - Source Code Integration
- Package Managers
  - JavaScript
  - Java
  - Other Languages
- Common Vulnerabilities and Exposures Database
- Summary
18. Business Logic Vulnerabilities
- Custom Math Vulnerabilities
- Programmed Side Effects
- Quasi-Cash Attacks
- Vulnerable Standards and Conventions
- Exploiting Business Logic Vulnerabilities
- Summary
19. Part II Summary
III. Defense
20. Securing Modern Web Applications
- Defensive Software Architecture
- Comprehensive Code Reviews
- Vulnerability Discovery
- Vulnerability Analysis
- Vulnerability Management
- Regression Testing
- Mitigation Strategies
- Applied Recon and Offense Techniques
- Summary
21. Secure Application Architecture
- Analyzing Feature Requirements
- Authentication and Authorization
  - Secure Sockets Layer and Transport Layer Security
  - Secure Credentials
  - Hashing Credentials
    - BCrypt
    - PBKDF2
  - MFA
- PII and Financial Data
- Search Engines
- Zero Trust Architecture
  - The History of Zero Trust
  - Implicit Versus Explicit Trust
  - Authentication and Authorization
- Summary
22. Secure Application Configuration
- Content Security Policy
  - Implementing CSP
  - CSP Structure
  - Important Directives
  - CSP Sources and Source Lists
  - Strict CSP
  - Example Secure CSP Policy
- Cross-Origin Resource Sharing
  - Types of CORS Requests
  - Simple CORS Requests
  - Preflighted CORS Requests
  - Implementing CORS
- Headers
  - Strict Transport Security
  - Cross-Origin-Opener Policy (COOP)
  - Cross-Origin-Resource-Policy (CORP)
  - Headers with Security Implications
  - Legacy Security Headers
- Cookies
  - Creating and Securing Cookies
  - Testing Cookies
- Framing and Sandboxing
  - Traditional Iframe
  - Web Workers
  - Subresource Integrity
  - Shadow Realms
- Summary
23. Secure User Experience
- Information Disclosures and Enumeration
  - Information Disclosures
  - Enumeration
- Secure User Experience Best Practices
- Summary
24. Threat Modeling Applications
- Designing an Effective Threat Model
- Threat Modeling by Example
  - Logic Design
  - Technical Design
  - Threat Identification (Threat Actors)
  - Threat Identification (Attack Vectors)
  - Identifying Mitigations
  - Delta Identification
- Summary
25. Reviewing Code for Security
- How to Start a Code Review
- Archetypical Vulnerabilities Versus Business Logic Vulnerabilities
- Where to Start a Security Review
- Secure-Coding Anti-Patterns
  - Blocklists
  - Boilerplate Code
  - Trust-by-Default
  - Client/Server Separation
- Summary
26. Vulnerability Discovery
- Security Automation
  - Static Analysis
  - Dynamic Analysis
  - Vulnerability Regression Testing
- Responsible Disclosure Programs
- Bug Bounty Programs
- Third-Party Penetration Testing
- Summary
27. Vulnerability Management
- Reproducing Vulnerabilities
- Ranking Vulnerability Severity
- Common Vulnerability Scoring System
  - CVSS: Base Scoring
  - CVSS: Temporal Scoring
  - CVSS: Environmental Scoring
- Advanced Vulnerability Scoring
- Beyond Triage and Scoring
- Summary
28. Defending Against XSS Attacks
- Anti-XSS Coding Best Practices
- Sanitizing User Input
  - DOMParser Sink
  - SVG Sink
  - Blob Sink
  - Sanitizing Hyperlinks
  - HTML Entity Encoding
- CSS XSS
- Content Security Policy for XSS Prevention
  - Script Source
  - Unsafe Eval and Unsafe Inline
  - Implementing a CSP
- Summary
29. Defending Against CSRF Attacks
- Header Verification
- CSRF Tokens
- Anti-CRSF Coding Best Practices
  - Stateless GET Requests
  - Application-Wide CSRF Mitigation
    - Anti-CSRF middleware
- Summary
30. Defending Against XXE
- Evaluating Other Data Formats
- Advanced XXE Risks
- Summary
31. Defending Against Injection
- Mitigating SQL Injection
  - Detecting SQL Injection
  - Prepared Statements
  - Database-Specific Defenses
- Generic Injection Defenses
  - Potential Injection Targets
  - Principle of Least Authority
  - Allowlisting Commands
- Summary
32. Defending Against DoS
- Protecting Against Regex DoS
- Protecting Against Logical DoS
- Protecting Against DDoS
- Summary
33. Defending Data and Objects
- Defending Against Mass Assignment
  - Validation and Allowlisting
  - Data Transfer Objects
- Defending Against IDOR
- Defending Against Serialization Attacks
- Summary
34. Defense Against Client-Side Attacks
- Defending Against Prototype Pollution
  - Key Sanitization
  - Prototype Freezing
  - Null Prototypes
- Defending Against Clickjacking
  - Frame Ancestors
  - Framebusting
- Defending Against Tabnabbing
  - Cross-Origin-Opener Policy
  - Link Blockers
- Isolation Policies
- Summary
35. Securing Third-Party Dependencies
- Evaluating Dependency Trees
  - Modeling a Dependency Tree
  - Dependency Trees in the Real World
  - Automated Evaluation
- Secure Integration Techniques
  - Separation of Concerns
  - Secure Package Management
- Summary
36. Mitigating Business Logic Vulnerabilities
- Architecture-Level Mitigations
- Statistical Modeling
  - Modeling Inputs
  - Modeling Actions
  - Model Development
  - Model Analysis
- Summary
37. Part III Summary
Conclusion
- The History of Software Security
- Recon
- Offense
- Defense
- More to Learn
Index