Author | Andrew Hoffman |
Publisher | O'Reilly Media |
Published | 2020 |
Edition | 1 |
Paperback | 331 pages |
Language | English |
ISBN-13 | 9781492053118 |
ISBN-10 | 1492053112 |
License | Compliments of Nginx |
While many resources for network and IT security are available, detailed knowledge regarding modern web application security has been lacking - until now. This practical guide provides both offensive and defensive security concepts that software engineers can easily learn and apply.
Andrew Hoffman, a senior security engineer at Salesforce, introduces three pillars of web application security: recon, offense, and defense. You'll learn methods for effectively researching and analyzing modern web applications - including those you don't have direct access to. You'll also learn how to break into web applications using the latest hacking techniques. Finally, you'll learn how to develop mitigations for use in your own web applications to protect against hackers.
- Explore common vulnerabilities plaguing today's web applications;
- Learn essential hacking techniques attackers use to exploit applications;
- Map and document web applications for which you don't have direct access;
- Develop and deploy customized exploits that can bypass common defenses;
- Develop and deploy mitigations to protect your applications against hackers;
- Integrate secure coding best practices into your development lifecycle;
- Get practical tips to help you improve the overall security of your web applications.
This book is published as open-access, which means it is freely available to read, download, and share without restrictions.
If you enjoyed the book and would like to support the author, you can purchase a printed copy (hardcover or paperback) from official retailers.