The Web Application Hacker's Handbook, 2nd Edition

Book description

The highly successful security book returns with a new edition, completely updated

Web applications are the front door to most organizations, exposing them to attacks that may disclose personal information, execute fraudulent transactions, or compromise ordinary users. This practical book has been completely updated and revised to discuss the latest step-by-step techniques for attacking and defending the range of ever-evolving web applications. You'll explore the various new technologies employed in web applications that have appeared since the first edition and review the new attack techniques that have been developed, particularly in relation to the client side.

  • Reveals how to overcome the new technologies and techniques aimed at defending web applications against attacks that have appeared since the previous edition
  • Discusses new remoting frameworks, HTML5, cross-domain integration techniques, UI redress, framebusting, HTTP parameter pollution, hybrid file attacks, and more
  • Features a companion web site hosted by the authors that allows readers to try out the attacks described, gives answers to the questions that are posed at the end of each chapter, and provides a summarized methodology and checklist of tasks

Focusing on the areas of web application security where things have changed in recent years, this book is the most current resource on the critical topic of discovering, exploiting, and preventing web application security flaws.

Also available as a set with CEHv8: Certified Hacker Version 8 Study Guide (Ethical Hacking and Web Hacking Set, ISBN 9781119072171).

Table of contents

  1. Cover
  2. Title
  3. Copyright
  4. About the Authors
  5. About the Technical Editor
  6. MDSec: The Authors' Company
  7. Credits
  8. Acknowledgments
  9. Introduction
    1. Overview of This Book
    2. Who Should Read This Book
    3. How This Book Is Organized
    4. What's New in This Edition
    5. Tools You Will Need
    6. What's on the Website
    7. Bring It On
  10. Chapter 1: Web Application (In)security
    1. The Evolution of Web Applications
    2. Web Application Security
    3. Summary
  11. Chapter 2: Core Defense Mechanisms
    1. Handling User Access
    2. Handling User Input
    3. Handling Attackers
    4. Managing the Application
    5. Summary
    6. Questions
  12. Chapter 3: Web Application Technologies
    1. The HTTP Protocol
    2. Web Functionality
    3. Encoding Schemes
    4. Next Steps
    5. Questions
  13. Chapter 4: Mapping the Application
    1. Enumerating Content and Functionality
    2. Analyzing the Application
    3. Summary
    4. Questions
  14. Chapter 5: Bypassing Client-Side Controls
    1. Transmitting Data Via the Client
    2. Capturing User Data: HTML Forms
    3. Capturing User Data: Browser Extensions
    4. Handling Client-Side Data Securely
    5. Summary
    6. Questions
  15. Chapter 6: Attacking Authentication
    1. Authentication Technologies
    2. Design Flaws in Authentication Mechanisms
    3. Implementation Flaws in Authentication
    4. Securing Authentication
    5. Summary
    6. Questions
  16. Chapter 7: Attacking Session Management
    1. The Need for State
    2. Weaknesses in Token Generation
    3. Weaknesses in Session Token Handling
    4. Securing Session Management
    5. Summary
    6. Questions
  17. Chapter 8: Attacking Access Controls
    1. Common Vulnerabilities
    2. Attacking Access Controls
    3. Securing Access Controls
    4. Summary
    5. Questions
  18. Chapter 9: Attacking Data Stores
    1. Injecting into Interpreted Contexts
    2. Injecting into SQL
    3. Injecting into NoSQL
    4. Injecting into XPath
    5. Injecting into LDAP
    6. Summary
    7. Questions
  19. Chapter 10: Attacking Back-End Components
    1. Injecting OS Commands
    2. Manipulating File Paths
    3. Injecting into XML Interpreters
    4. Injecting into Back-end HTTP Requests
    5. Injecting into Mail Services
    6. Summary
    7. Questions
  20. Chapter 11: Attacking Application Logic
    1. The Nature of Logic Flaws
    2. Real-World Logic Flaws
    3. Avoiding Logic Flaws
    4. Summary
    5. Questions
  21. Chapter 12: Attacking Users: Cross-Site Scripting
    1. Varieties of XSS
    2. XSS Attacks in Action
    3. Finding and Exploiting XSS Vulnerabilities
    4. Preventing XSS Attacks
    5. Summary
    6. Questions
  22. Chapter 13: Attacking Users: Other Techniques
    1. Inducing User Actions
    2. Capturing Data Cross-Domain
    3. The Same-Origin Policy Revisited
    4. Other Client-Side Injection Attacks
    5. Local Privacy Attacks
    6. Attacking ActiveX Controls
    7. Attacking the Browser
    8. Summary
    9. Questions
  23. Chapter 14: Automating Customized Attacks
    1. Uses for Customized Automation
    2. Enumerating Valid Identifiers
    3. Harvesting Useful Data
    4. Fuzzing for Common Vulnerabilities
    5. Putting It All Together: Burp Intruder
    6. Barriers to Automation
    7. Summary
    8. Questions
  24. Chapter 15: Exploiting Information Disclosure
    1. Exploiting Error Messages
    2. Gathering Published Information
    3. Using Inference
    4. Preventing Information Leakage
    5. Summary
    6. Questions
  25. Chapter 16: Attacking Native Compiled Applications
    1. Buffer Overflow Vulnerabilities
    2. Integer Vulnerabilities
    3. Format String Vulnerabilities
    4. Summary
    5. Questions
  26. Chapter 17: Attacking Application Architecture
    1. Tiered Architectures
    2. Shared Hosting and Application Service Providers
    3. Summary
    4. Questions
  27. Chapter 18: Attacking the Application Server
    1. Vulnerable Server Configuration
    2. Vulnerable Server Software
    3. Web Application Firewalls
    4. Summary
    5. Questions
  28. Chapter 19: Finding Vulnerabilities in Source Code
    1. Approaches to Code Review
    2. Signatures of Common Vulnerabilities
    3. The Java Platform
    4. ASP.NET
    5. PHP
    6. Perl
    7. JavaScript
    8. Database Code Components
    9. Tools for Code Browsing
    10. Summary
    11. Questions
  29. Chapter 20: A Web Application Hacker's Toolkit
    1. Web Browsers
    2. Integrated Testing Suites
    3. Standalone Vulnerability Scanners
    4. Other Tools
    5. Summary
  30. Chapter 21: A Web Application Hacker's Methodology
    1. General Guidelines
    2. 1 Map the Application's Content
    3. 2 Analyze the Application
    4. 3 Test Client-Side Controls
    5. 4 Test the Authentication Mechanism
    6. 5 Test the Session Management Mechanism
    7. 6 Test Access Controls
    8. 7 Test for Input-Based Vulnerabilities
    9. 8 Test for Function-Specific Input Vulnerabilities
    10. 9 Test for Logic Flaws
    11. 10 Test for Shared Hosting Vulnerabilities
    12. 11 Test for Application Server Vulnerabilities
    13. 12 Miscellaneous Checks
    14. 13 Follow Up Any Information Leakage
  31. Index
  32. End User License Agreement

Product information

  • Title: The Web Application Hacker's Handbook, 2nd Edition
  • Author(s): Dafydd Stuttard, Marcus Pinto
  • Release date: September 2011
  • Publisher(s): Wiley
  • ISBN: 9781118026472