Imperial Library

Index

Front matter
  • Cover
  • Title page
  • Copyright
  • About the Authors
  • About the Technical Editor
  • MDSec: The Authors’ Company
  • Credits
  • Acknowledgments
  • Introduction

Chapter 1: Web Application (In)security
  • The Evolution of Web Applications
  • Web Application Security
  • Summary

Chapter 2: Core Defense Mechanisms
  • Handling User Access
  • Handling User Input
  • Handling Attackers
  • Managing the Application
  • Summary
  • Questions

Chapter 3: Web Application Technologies
  • The HTTP Protocol
  • Web Functionality
  • Encoding Schemes
  • Next Steps
  • Questions

Chapter 4: Mapping the Application
  • Enumerating Content and Functionality
  • Analyzing the Application
  • Summary
  • Questions

Chapter 5: Bypassing Client-Side Controls
  • Transmitting Data Via the Client
  • Capturing User Data: HTML Forms
  • Capturing User Data: Browser Extensions
  • Handling Client-Side Data Securely
  • Summary
  • Questions

Chapter 6: Attacking Authentication
  • Authentication Technologies
  • Design Flaws in Authentication Mechanisms
  • Implementation Flaws in Authentication
  • Securing Authentication
  • Summary
  • Questions

Chapter 7: Attacking Session Management
  • The Need for State
  • Weaknesses in Token Generation
  • Weaknesses in Session Token Handling
  • Securing Session Management
  • Summary
  • Questions

Chapter 8: Attacking Access Controls
  • Common Vulnerabilities
  • Attacking Access Controls
  • Securing Access Controls
  • Summary
  • Questions

Chapter 9: Attacking Data Stores
  • Injecting into Interpreted Contexts
  • Injecting into SQL
  • Injecting into NoSQL
  • Injecting into XPath
  • Injecting into LDAP
  • Summary
  • Questions

Chapter 10: Attacking Back-End Components
  • Injecting OS Commands
  • Manipulating File Paths
  • Injecting into XML Interpreters
  • Injecting into Back-end HTTP Requests
  • Injecting into Mail Services
  • Summary
  • Questions

Chapter 11: Attacking Application Logic
  • The Nature of Logic Flaws
  • Real-World Logic Flaws
  • Avoiding Logic Flaws
  • Summary
  • Questions

Chapter 12: Attacking Users: Cross-Site Scripting
  • Varieties of XSS
  • XSS Attacks in Action
  • Finding and Exploiting XSS Vulnerabilities
  • Preventing XSS Attacks
  • Summary
  • Questions

Chapter 13: Attacking Users: Other Techniques
  • Inducing User Actions
  • Capturing Data Cross-Domain
  • The Same-Origin Policy Revisited
  • Other Client-Side Injection Attacks
  • Local Privacy Attacks
  • Attacking ActiveX Controls
  • Attacking the Browser
  • Summary
  • Questions

Chapter 14: Automating Customized Attacks
  • Uses for Customized Automation
  • Enumerating Valid Identifiers
  • Harvesting Useful Data
  • Fuzzing for Common Vulnerabilities
  • Putting It All Together: Burp Intruder
  • Barriers to Automation
  • Summary
  • Questions

Chapter 15: Exploiting Information Disclosure
  • Exploiting Error Messages
  • Gathering Published Information
  • Using Inference
  • Preventing Information Leakage
  • Summary
  • Questions

Chapter 16: Attacking Native Compiled Applications
  • Buffer Overflow Vulnerabilities
  • Integer Vulnerabilities
  • Format String Vulnerabilities
  • Summary
  • Questions

Chapter 17: Attacking Application Architecture
  • Tiered Architectures
  • Shared Hosting and Application Service Providers
  • Summary
  • Questions

Chapter 18: Attacking the Application Server
  • Vulnerable Server Configuration
  • Vulnerable Server Software
  • Web Application Firewalls
  • Summary
  • Questions

Chapter 19: Finding Vulnerabilities in Source Code
  • Approaches to Code Review
  • Signatures of Common Vulnerabilities
  • The Java Platform
  • ASP.NET
  • PHP
  • Perl
  • JavaScript
  • Database Code Components
  • Tools for Code Browsing
  • Summary
  • Questions

Chapter 20: A Web Application Hacker's Toolkit
  • Web Browsers
  • Integrated Testing Suites
  • Standalone Vulnerability Scanners
  • Other Tools
  • Summary

Chapter 21: A Web Application Hacker's Methodology
  • General Guidelines
  • 1 Map the Application's Content
  • 2 Analyze the Application
  • 3 Test Client-Side Controls
  • 4 Test the Authentication Mechanism
  • 5 Test the Session Management Mechanism
  • 6 Test Access Controls
  • 7 Test for Input-Based Vulnerabilities
  • 8 Test for Function-Specific Input Vulnerabilities
  • 9 Test for Logic Flaws
  • 10 Test for Shared Hosting Vulnerabilities
  • 11 Test for Application Server Vulnerabilities
  • 12 Miscellaneous Checks
  • 13 Follow Up Any Information Leakage