Attacking and Exploiting Modern Web Applications
Home > General > Attacking and Exploiting Modern Web Applications
Attacking and Exploiting Modern Web Applications

Attacking and Exploiting Modern Web Applications


     0     
5
4
3
2
1



International Edition


About the Book

A comprehensive guide to effectively understand web attacks for web application security, featuring real-world bug bounty hunting techniques, CVEs, and CTFs

Purchase of the print or Kindle book includes a free PDF eBook


Key Features:

  • Learn how to find vulnerabilities using source code, dynamic analysis, and decompiling binaries
  • Find and exploit vulnerabilities such as SQL Injection, XSS, Command Injection, RCE, and Reentrancy
  • Analyze real security incidents based on MITRE ATT&CK to understand the risk at the CISO level


Book Description:

Web attacks and exploits pose an ongoing threat to the interconnected world. This comprehensive book explores the latest challenges in web application security, providing you with an in-depth understanding of hackers' methods and the practical knowledge and skills needed to effectively understand web attacks.

The book starts by emphasizing the importance of mindsets and toolsets in conducting successful web attacks. You'll then explore the methodologies and frameworks used in these attacks, and learn how to configure an environment using interception proxies, automate tasks with Bash and Python, and set up a research lab. As you advance through the book, you'll discover how to attack the SAML authentication layer; attack front-facing web applications by learning WordPress and SQL injection, and exploit vulnerabilities in IoT devices, such as command injection, by going through three CTFs and learning about the discovery of seven CVEs. Each chapter analyzes confirmed cases of exploitation mapped with MITRE ATT&CK. You'll also analyze attacks on Electron JavaScript-based applications, such as XSS and RCE, and the security challenges of auditing and exploiting Ethereum smart contracts written in Solidity. Finally, you'll find out how to disclose vulnerabilities.

By the end of this book, you'll have enhanced your ability to find and exploit web vulnerabilities.


What You Will Learn:

  • Understand the mindset, methodologies, and toolset needed to carry out web attacks
  • Discover how SAML and SSO work and study their vulnerabilities
  • Get to grips with WordPress and learn how to exploit SQL injection
  • Find out how IoT devices work and exploit command injection
  • Familiarize yourself with Electron JavaScript-based applications and transform an XSS to an RCE
  • Discover how to audit Solidity's Ethereum smart contracts
  • Get the hang of decompiling, debugging, and instrumenting web applications


Who this book is for:

This book is for anyone whose job role involves ensuring their organization's security - penetration testers and red teamers who want to deepen their knowledge of the current security challenges for web applications, developers and DevOps professionals who want to get into the mindset of an attacker; and security managers and CISOs looking to truly understand the impact and risk of web, IoT, and smart contracts. Basic knowledge of web technologies, as well as related protocols is a must.


Best Sellers



Product Details
  • ISBN-13: 9781801816298
  • Publisher: Packt Publishing
  • Binding: Paperback
  • Language: English
  • Returnable: N
  • Sub Title: Discover the mindset, techniques, and tools to perform modern web attacks and exploitation
  • Width: 191 mm
  • ISBN-10: 1801816298
  • Publisher Date: 25 Aug 2023
  • Height: 235 mm
  • No of Pages: 338
  • Spine Width: 18 mm
  • Weight: 630 gr


Similar Products

Add Photo
Add Photo

Customer Reviews

REVIEWS      0     
Click Here To Be The First to Review this Product
Attacking and Exploiting Modern Web Applications
Packt Publishing -
Attacking and Exploiting Modern Web Applications
Writing guidlines
We want to publish your review, so please:
  • keep your review on the product. Review's that defame author's character will be rejected.
  • Keep your review focused on the product.
  • Avoid writing about customer service. contact us instead if you have issue requiring immediate attention.
  • Refrain from mentioning competitors or the specific price you paid for the product.
  • Do not include any personally identifiable information, such as full names.

Attacking and Exploiting Modern Web Applications

Required fields are marked with *

Review Title*
Review
    Add Photo Add up to 6 photos
    Would you recommend this product to a friend?
    Tag this Book Read more
    Does your review contain spoilers?
    What type of reader best describes you?
    I agree to the terms & conditions
    You may receive emails regarding this submission. Any emails will include the ability to opt-out of future communications.

    CUSTOMER RATINGS AND REVIEWS AND QUESTIONS AND ANSWERS TERMS OF USE

    These Terms of Use govern your conduct associated with the Customer Ratings and Reviews and/or Questions and Answers service offered by Bookswagon (the "CRR Service").


    By submitting any content to Bookswagon, you guarantee that:
    • You are the sole author and owner of the intellectual property rights in the content;
    • All "moral rights" that you may have in such content have been voluntarily waived by you;
    • All content that you post is accurate;
    • You are at least 13 years old;
    • Use of the content you supply does not violate these Terms of Use and will not cause injury to any person or entity.
    You further agree that you may not submit any content:
    • That is known by you to be false, inaccurate or misleading;
    • That infringes any third party's copyright, patent, trademark, trade secret or other proprietary rights or rights of publicity or privacy;
    • That violates any law, statute, ordinance or regulation (including, but not limited to, those governing, consumer protection, unfair competition, anti-discrimination or false advertising);
    • That is, or may reasonably be considered to be, defamatory, libelous, hateful, racially or religiously biased or offensive, unlawfully threatening or unlawfully harassing to any individual, partnership or corporation;
    • For which you were compensated or granted any consideration by any unapproved third party;
    • That includes any information that references other websites, addresses, email addresses, contact information or phone numbers;
    • That contains any computer viruses, worms or other potentially damaging computer programs or files.
    You agree to indemnify and hold Bookswagon (and its officers, directors, agents, subsidiaries, joint ventures, employees and third-party service providers, including but not limited to Bazaarvoice, Inc.), harmless from all claims, demands, and damages (actual and consequential) of every kind and nature, known and unknown including reasonable attorneys' fees, arising out of a breach of your representations and warranties set forth above, or your violation of any law or the rights of a third party.


    For any content that you submit, you grant Bookswagon a perpetual, irrevocable, royalty-free, transferable right and license to use, copy, modify, delete in its entirety, adapt, publish, translate, create derivative works from and/or sell, transfer, and/or distribute such content and/or incorporate such content into any form, medium or technology throughout the world without compensation to you. Additionally,  Bookswagon may transfer or share any personal information that you submit with its third-party service providers, including but not limited to Bazaarvoice, Inc. in accordance with  Privacy Policy


    All content that you submit may be used at Bookswagon's sole discretion. Bookswagon reserves the right to change, condense, withhold publication, remove or delete any content on Bookswagon's website that Bookswagon deems, in its sole discretion, to violate the content guidelines or any other provision of these Terms of Use.  Bookswagon does not guarantee that you will have any recourse through Bookswagon to edit or delete any content you have submitted. Ratings and written comments are generally posted within two to four business days. However, Bookswagon reserves the right to remove or to refuse to post any submission to the extent authorized by law. You acknowledge that you, not Bookswagon, are responsible for the contents of your submission. None of the content that you submit shall be subject to any obligation of confidence on the part of Bookswagon, its agents, subsidiaries, affiliates, partners or third party service providers (including but not limited to Bazaarvoice, Inc.)and their respective directors, officers and employees.

    Accept

    New Arrivals



    Inspired by your browsing history


    Your review has been submitted!

    You've already reviewed this product!