Details
The Web Application Hacker's Handbook
Finding and Exploiting Security Flaws2. Aufl.
|
38,99 € |
|
| Verlag: | Wiley |
| Format: | EPUB |
| Veröffentl.: | 31.08.2011 |
| ISBN/EAN: | 9781118175248 |
| Sprache: | englisch |
| Anzahl Seiten: | 912 |
DRM-geschütztes eBook, Sie benötigen z.B. Adobe Digital Editions und eine Adobe ID zum Lesen.
Beschreibungen
<b>The highly successful security book returns with a new edition, completely updated</b> <p>Web applications are the front door to most organizations, exposing them to attacks that may disclose personal information, execute fraudulent transactions, or compromise ordinary users. This practical book has been completely updated and revised to discuss the latest step-by-step techniques for attacking and defending the range of ever-evolving web applications. You'll explore the various new technologies employed in web applications that have appeared since the first edition and review the new attack techniques that have been developed, particularly in relation to the client side.</p> <ul> <li>Reveals how to overcome the new technologies and techniques aimed at defending web applications against attacks that have appeared since the previous edition</li> <li>Discusses new remoting frameworks, HTML5, cross-domain integration techniques, UI redress, framebusting, HTTP parameter pollution, hybrid file attacks, and more</li> <li>Features a companion web site hosted by the authors that allows readers to try out the attacks described, gives answers to the questions that are posed at the end of each chapter, and provides a summarized methodology and checklist of tasks</li> </ul> <p>Focusing on the areas of web application security where things have changed in recent years, this book is the most current resource on the critical topic of discovering, exploiting, and preventing web application security flaws.<br /><br /><br /></p>
<p>Introduction xxiii</p> <p><b>Chapter 1 Web Application (In)security 1</b></p> <p>The Evolution of Web Applications 2</p> <p>Web Application Security 6</p> <p>Summary 15</p> <p><b>Chapter 2 Core Defense Mechanisms 17</b></p> <p>Handling User Access 18</p> <p>Handling User Input 21</p> <p>Handling Attackers 30</p> <p>Managing the Application 35</p> <p>Summary 36</p> <p>Questions 36</p> <p><b>Chapter 3 Web Application Technologies 39</b></p> <p>The HTTP Protocol 39</p> <p>Web Functionality 51</p> <p>Encoding Schemes 66</p> <p>Next Steps 70</p> <p>Questions 71</p> <p><b>Chapter 4 Mapping the Application 73</b></p> <p>Enumerating Content and Functionality 74</p> <p>Analyzing the Application 97</p> <p>Summary 114</p> <p>Questions 114</p> <p><b>Chapter 5 Bypassing Client-Side Controls 117</b></p> <p>Transmitting Data Via the Client 118</p> <p>Capturing User Data: HTML Forms 127</p> <p>Capturing User Data: Browser Extensions 133</p> <p>Handling Client-Side Data Securely 154</p> <p>Summary 156</p> <p>Questions 157</p> <p><b>Chapter 6 Attacking Authentication 159</b></p> <p>Authentication Technologies 160</p> <p>Design Flaws in Authentication Mechanisms 161</p> <p>Implementation Flaws in Authentication 185</p> <p>Securing Authentication 191</p> <p>Summary 201</p> <p>Questions 202</p> <p><b>Chapter 7 Attacking Session Management 205</b></p> <p>The Need for State 206</p> <p>Weaknesses in Token Generation 210</p> <p>Weaknesses in Session Token Handling 233</p> <p>Securing Session Management 248</p> <p>Summary 254</p> <p>Questions 255</p> <p><b>Chapter 8 Attacking Access Controls 257</b></p> <p>Common Vulnerabilities 258</p> <p>Attacking Access Controls 266</p> <p>Securing Access Controls 278</p> <p>Summary 284</p> <p>Questions 284</p> <p><b>Chapter 9 Attacking Data Stores 287</b></p> <p>Injecting into Interpreted Contexts 288</p> <p>Injecting into SQL 291</p> <p>Injecting into NoSQL 342</p> <p>Injecting into XPath 344</p> <p>Injecting into LDAP 349</p> <p>Summary 354</p> <p>Questions 354</p> <p><b>Chapter 10 Attacking Back-End Components 357</b></p> <p>Injecting OS Commands 358</p> <p>Manipulating File Paths 368</p> <p>Injecting into XML Interpreters 383</p> <p>Injecting into Back-end HTTP Requests 390</p> <p>Injecting into Mail Services 397</p> <p>Summary 402</p> <p>Questions 403</p> <p><b>Chapter 11 Attacking Application Logic 405</b></p> <p>The Nature of Logic Flaws 406</p> <p>Real-World Logic Flaws 406</p> <p>Avoiding Logic Flaws 428</p> <p>Summary 429</p> <p>Questions 430</p> <p><b>Chapter 12 Attacking Users: Cross-Site Scripting 431</b></p> <p>Varieties of XSS 433</p> <p>XSS Attacks in Action 442</p> <p>Finding and Exploiting XSS Vulnerabilities 451</p> <p>Preventing XSS Attacks 492</p> <p>Summary 498</p> <p>Questions 498</p> <p><b>Chapter 13 Attacking Users: Other Techniques 501</b></p> <p>Inducing User Actions 501</p> <p>Capturing Data Cross-Domain 515</p> <p>The Same-Origin Policy Revisited 524</p> <p>Other Client-Side Injection Attacks 531</p> <p>Local Privacy Attacks 550</p> <p>Attacking ActiveX Controls 555</p> <p>Attacking the Browser 559</p> <p>Summary 568</p> <p>Questions 568</p> <p><b>Chapter 14 Automating Customized Attacks 571</b></p> <p>Uses for Customized Automation 572</p> <p>Enumerating Valid Identifiers 573</p> <p>Harvesting Useful Data 583</p> <p>Fuzzing for Common Vulnerabilities 586</p> <p>Putting It All Together: Burp Intruder 590</p> <p>Barriers to Automation 602</p> <p>Summary 613</p> <p>Questions 613</p> <p><b>Chapter 15 Exploiting Information Disclosure 615</b></p> <p>Exploiting Error Messages 615</p> <p>Gathering Published Information 625</p> <p>Using Inference 626</p> <p>Preventing Information Leakage 627</p> <p>Summary 629</p> <p>Questions 630</p> <p><b>Chapter 16 Attacking Native Compiled Applications 633</b></p> <p>Buffer Overflow Vulnerabilities 634 </p> <p>Integer Vulnerabilities 640</p> <p>Format String Vulnerabilities 643</p> <p>Summary 645</p> <p>Questions 645</p> <p><b>Chapter 17 Attacking Application Architecture 647</b></p> <p>Tiered Architectures 647</p> <p>Shared Hosting and Application Service Providers 656</p> <p>Summary 667</p> <p>Questions 667</p> <p><b>Chapter 18 Attacking the Application Server 669</b></p> <p>Vulnerable Server Configuration 670</p> <p>Vulnerable Server Software 684</p> <p>Web Application Firewalls 697</p> <p>Summary 699</p> <p>Questions 699</p> <p><b>Chapter 19 Finding Vulnerabilities in Source Code 701</b></p> <p>Approaches to Code Review 702</p> <p>Signatures of Common Vulnerabilities 704</p> <p>The Java Platform 711</p> <p>ASP.NET 718</p> <p>PHP 724</p> <p>Perl 735</p> <p>JavaScript 740</p> <p>Database Code Components 741</p> <p>Tools for Code Browsing 743</p> <p>Summary 744</p> <p>Questions 744</p> <p><b>Chapter 20 A Web Application Hacker’s Toolkit 747</b></p> <p>Web Browsers 748</p> <p>Integrated Testing Suites 751</p> <p>Standalone Vulnerability Scanners 773</p> <p>Other Tools 785</p> <p>Summary 789</p> <p><b>Chapter 21 A Web Application Hacker’s Methodology 791</b></p> <p>General Guidelines 793</p> <p>1 Map the Application’s Content 795</p> <p>2 Analyze the Application 798</p> <p>3 Test Client-Side Controls 800</p> <p>4 Test the Authentication Mechanism 805</p> <p>5 Test the Session Management Mechanism 814</p> <p>6 Test Access Controls 821</p> <p>7 Test for Input-Based Vulnerabilities 824</p> <p>8 Test for Function-Specific Input Vulnerabilities 836</p> <p>9 Test for Logic Flaws 842</p> <p>10 Test for Shared Hosting Vulnerabilities 845</p> <p>11 Test for Application Server Vulnerabilities 846</p> <p>12 Miscellaneous Checks 849</p> <p>13 Follow Up Any Information Leakage 852</p> <p>Index 853</p>
<b>DAFYDD STUTTARD</b> is an independent security consultant, author, and software developer specializing in penetration testing of web applications and compiled software. Under the alias PortSwigger, Dafydd created the popular Burp Suite of hacking tools. <p><b>MARCUS PINTO</b> delivers security consultancy and training on web application attack and defense to leading global organizations in the financial, government, telecom, gaming, and retail sectors.<br /> The authors cofounded MDSec, a consulting company that provides training in attack and defense-based security.</p>
<b>New technologies. New attack techniques. Start hacking.</b> <p>Web applications are everywhere, and they're insecure. Banks, retailers, and others have deployed millions of applications that are full of holes, allowing attackers to steal personal data, carry out fraud, and compromise other systems. This book shows you how they do it.</p> <p>This fully updated edition contains the very latest attack techniques and countermeasures, showing you how to break into today's complex and highly functional applications. Roll up your sleeves and dig in.</p> <ul> <li> <p>Discover how cloud architectures and social networking have added exploitable attack surfaces to applications</p> </li> <li> <p>Leverage the latest HTML features to deliver powerful cross-site scripting attacks</p> </li> <li> <p>Deliver new injection exploits, including XML external entity and HTTP parameter pollution attacks</p> </li> <li> <p>Learn how to break encrypted session tokens and other sensitive data found in cloud services</p> </li> <li> <p>Discover how technologies like HTML5, REST, CSS and JSON can be exploited to attack applications and compromise users</p> </li> <li> <p>Learn new techniques for automating attacksand dealing with CAPTCHAs and cross-site request forgery tokens</p> </li> <li> <p>Steal sensitive data across domains using seemingly harmless application functions and new browser features</p> </li> </ul> <p>Find help and resources at http://mdsec.net/wahh</p> <ul> <li> <p>Source code for some of the scripts in the book</p> </li> <li> <p>Links to tools and other resources</p> </li> <li> <p>A checklist of tasks involved in most attacks</p> </li> <li> <p>Answers to the questions posed in each chapter</p> </li> <li> <p>Hundreds of interactive vulnerability labs</p> </li> </ul>
Diese Produkte könnten Sie auch interessieren:
Autonomic Communication
von: Athanasios V. Vasilakos, Manish Parashar, Stamatis Karnouskos, Witold Pedrycz
149,79 €
