How to Attack and Defend Your Website
Auteur : Dalziel Henry
Coordonnateur : Caceres Alejandro
How to Attack and Defend Your Website is a concise introduction to web security that includes hands-on web hacking tutorials. The book has three primary objectives: to help readers develop a deep understanding of what is happening behind the scenes in a web application, with a focus on the HTTP protocol and other underlying web technologies; to teach readers how to use the industry standard in free web application vulnerability discovery and exploitation tools ? most notably Burp Suite, a fully featured web application testing tool; and finally, to gain knowledge of finding and exploiting the most common web security vulnerabilities.
This book is for information security professionals and those looking to learn general penetration testing methodology and how to use the various phases of penetration testing to identify and exploit common web protocols.
How to Attack and Defend Your Websiteis be the first book to combine the methodology behind using penetration testing tools such as Burp Suite and Damn Vulnerable Web Application (DVWA), with practical exercises that show readers how to (and therefore, how to prevent) pwning with SQLMap and using stored XSS to deface web pages.
Chapter 1: Web Technologies
Chapter 2: Exploitation
Chapter 3: Finding Vulnerabilities
Alejandro Caceres is the founder of Hyperion Gray, LLC, a web security and big data R&D company. He is also the creator of the PunkSPIDER project, an open-source web app vulnerability scanner and repository of vulnerabilities found on the open web. Alejandro has spoken at several major security conferences (DEF CON, ShmooCon, AppSec) and enjoys making web app hacking principles more accessible to web developers so that they can design and build more secure applications.
- Learn the basics of penetration testing so that you can test your own website's integrity and security
- Discover useful tools such as Burp Suite, DVWA, and SQLMap
- Gain a deeper understanding of how your website works and how best to protect it
Date de parution : 12-2014
Ouvrage de 76 p.
15.2x22.8 cm
Thèmes de How to Attack and Defend Your Website :
Mots-clés :
Burp Suite site map; bypassing client-side controls; client-side programming languages; content management systems (CMS); cross-site scripting; filtering bypasses; GET requests; HTML; HTTP requests; intercepting proxy; JavaScript; MySQL database; MySQL shell; password hashing; pentesting process; POST requests; server-side programming languages; SQL (Structured Query Language); SQL injection; SQL syntax; URL encoding; web servers