Web Application Security: Exploitation and Countermeasures for Modern Web Applications
Paperback
Publisher Price: $65.99
ISBN13: 9781098143930
Publisher: O'Reilly Media
Published: Feb 27 2024
Pages: 441
Weight: 1.55
Height: 0.90 Width: 7.00 Depth: 9.19
Language: English
In the first edition of this critically acclaimed book, Andrew Hoffman defined the three pillars of application security: reconnaissance, offense, and defense. In this revised and updated second edition, he examines dozens of related topics, from the latest types of attacks and mitigations to threat modeling, the secure software development lifecycle (SSDL/SDLC), and more.
Hoffman, senior staff security engineer at Ripple, also provides information regarding exploits and mitigations for several additional web application technologies such as GraphQL, cloud-based deployments, content delivery networks (CDN) and server-side rendering (SSR). Following the curriculum from the first book, this second edition is split into three distinct pillars comprising three separate skill sets:
- Pillar 1: Recon--Learn techniques for mapping and documenting web applications remotely, including procedures for working with web applications.
- Pillar 2: Offense--Explore methods for attacking web applications using a number of highly effective exploits that have been proven by the best hackers in the world. These skills are valuable when used alongside the skills from Pillar 3.
- Pillar 3: Defense--Build on skills acquired in the first two parts to construct effective and long-lived mitigations for each of the attacks described in Pillar 2.
Also in Computer Security
Password Logbook (Black & Gold): Keep Track of Usernames, Passwords, Web Addresses in One Easy and Organized Location
Editors of Rock Point
Hardcover
Raising Humans in a Digital World: Helping Kids Build a Healthy Relationship with Technology
Graber, Diana
Paperback
Password Logbook (Hip Floral): Keep Track of Usernames, Passwords, Web Addresses in One Easy and Organized Location
Editors of Rock Point
Hardcover
Enterprise Cyber Risk Management as a Value Creator: Leverage Cybersecurity for Competitive Advantage
Chaput, Bob
Paperback
(ISC)2 CISSP Certified Information Systems Security Professional Official Study Guide & Practice Tests Bundle
Stewart, James Michael
Gibson, Darril
Chapple, Mike
Paperback
A Hacker's Mind: How the Powerful Bend Society's Rules, and How to Bend Them Back
Schneier, Bruce
Paperback
Linux Basics for Hackers: Getting Started with Networking, Scripting, and Security in Kali
Occupytheweb
Paperback
Shit I Can't Remember: Keep track of usernames, passwords, web addresses in one easy & organized location
Books, Family's
Paperback
CompTIA Security+ Study Guide with Over 500 Practice Test Questions: Exam SY0-701
Chapple, Mike
Seidl, David
Paperback
Software Supply Chain Security: Securing the End-To-End Supply Chain for Software, Firmware, and Hardware
Crossley, Cassie
Paperback
A Hacker's Mind: How the Powerful Bend Society's Rules, and How to Bend Them Back
Schneier, Bruce
Hardcover
Sandworm: A New Era of Cyberwar and the Hunt for the Kremlin's Most Dangerous Hackers
Greenberg, Andy
Paperback
CompTIA Security+ All-In-One Exam Guide, Sixth Edition (Exam SY0-601)
White, Greg
Conklin, Wm Arthur
Hardcover
Blue Team Handbook: Incident Response Edition: A condensed field guide for the Cyber Security Incident Responder.
Murdoch GSE, Don
Paperback
Zero Trust Networks: Building Secure Systems in Untrusted Networks
Rais, Razi
Morillo, Christina
Gilman, Evan
Paperback
The Internet Is Not What You Think It Is: A History, a Philosophy, a Warning
Smith-Ruiu, Justin
Paperback
Gray Hat Hacking: The Ethical Hacker's Handbook, Sixth Edition
Sims, Stephen
Harper, Allen
Linn, Ryan
Paperback
Data Duped: How to Avoid Being Hoodwinked by Misinformation
Camm, Jeffrey D.
Gibson, Derek W.
Hardcover
WTF Is My Password: Keep track of usernames, passwords, web addresses in one easy & organized location - Orange Cover
Pray, Norman M.
Paperback
Don't Trust Your Gut: Using Data to Get What You Really Want in Life
Stephens-Davidowitz, Seth
Paperback
Network Programmability and Automation: Skills for the Next-Generation Network Engineer
Oswalt, Matt
Adell, Christian
Lowe, Scott S.
Paperback
How to Stay Safe Online: A Digital Self-Care Toolkit for Developing Resilience and Allyship
Akiwowo, Seyi
Paperback
Understanding Cryptography: From Established Symmetric and Asymmetric Ciphers to Post-Quantum Algorithms
Pelzl, Jan
Güneysu, Tim
Paar, Christof
Hardcover
I'll Never Forget You: Internet Password Manager to Keep Your Private Information Safe - With A-Z Tabs and Flower Design
Publishing, Secure
Paperback
SSL/TLS Under Lock and Key: A Guide to Understanding SSL/TLS Cryptography
Schatten, Jeremy
Baka, Paul
Paperback
Hacking and Security: The Comprehensive Guide to Penetration Testing and Cybersecurity
Kloep, Peter
Kofler, Michael
Gebeshuber, Klaus
Paperback
The Ransomware Hunting Team: A Band of Misfits' Improbable Crusade to Save the World from Cybercrime
Dudley, Renee
Golden, Daniel
Paperback
Windows Security Internals: A Deep Dive Into Windows Authentication, Authorization, and Auditing
Forshaw, James
Paperback
Locksport: A Hackers Guide to Lockpicking, Impressioning, and Safe Cracking
Weyers, Jos
Burrough, Matt
Belgers, Walter
Paperback
Building a Career in Cybersecurity: The Strategy and Skills You Need to Succeed
Diogenes, Yuri
Paperback
Countdown to Zero Day: Stuxnet and the Launch of the World's First Digital Weapon
Zetter, Kim
Paperback
Effective Vulnerability Management: Managing Risk in the Vulnerable Digital Ecosystem
Robinson, Nikki
Hughes, Chris
Paperback
Firewalls Don't Stop Dragons: A Step-By-Step Guide to Computer Security and Privacy for Non-Techies
Parker, Carey
Paperback
Building a Cyber Risk Management Program: Evolving Security for the Digital Age
Hicks, Terry
Bapst, Brandon
Allen, Brian
Paperback
Algorithms of Armageddon: The Impact of Artificial Intelligence on Future Wars
Galdorisi, George
Tangredi, Sam J.
Hardcover
(ISC)2 CISSP Certified Information Systems Security Professional Official Study Guide
Gibson, Darril
Chapple, Mike
Stewart, James Michael
Paperback
Parent Handbook for Online Safety: Practical Ideas, Activities, & Information for Your Family
Miller, Dana L. C.
Paperback
The Internet Is Not What You Think It Is: A History, a Philosophy, a Warning
Smith-Ruiu, Justin
Hardcover
Practical IoT Hacking: The Definitive Guide to Attacking the Internet of Things
Calderon, Paulino
Chantzis, Fotios
Stais, Ioannis
Paperback
Humorous Cryptograms: 300 Large Print Puzzles To Keep You Entertained (Large Print Edition)
Nest, Game
Paperback
Practical Cybersecurity Architecture: A guide to creating and implementing robust designs for cybersecurity architects
Moyle, Ed
Kelley, Diana
Paperback
Investigating Cryptocurrencies: Understanding, Extracting, and Analyzing Blockchain Evidence
Furneaux, Nick
Paperback
Scam Proof Your Life in the End Times: Justice & Restoration for Christians
Cioccolanti, Steve
Paperback
The Secure Board: How To Be Confident That Your Organisation Is Cyber Safe
Leibel, Anna
Pales, Claire
Paperback
Security Chaos Engineering: Sustaining Resilience in Software and Systems
Shortridge, Kelly
Paperback
IT Auditing Using Controls to Protect Information Assets, Third Edition
Davis, Chris
Kegerreis, Mike
Schiller, Mike
Paperback
Cult of the Dead Cow: How the Original Hacking Supergroup Might Just Save the World
Menn, Joseph
Paperback
CompTIA Network+ N10-008 Certification Guide - Second Edition: The ultimate guide to passing the N10-008 exam
Singh, Glen D.
Paperback
Hands-On Network Forensics: Investigate network attacks and find evidence using common network forensic tools
Jaswal, Nipun
Paperback
Seven Elements of Highly Successful Zero Trust Architecture
Ganguli, Sanjit
Festa, Gerard
Howe, Nathan
Hardcover
Learn Computer Forensics - Second Edition: Your one-stop guide to searching, analyzing, acquiring, and securing digital evidence
Oettinger, William
Paperback
The Web Application Hacker's Handbook: Finding and Exploiting Security Flaws
Stuttard, Dafydd
Pinto, Marcus
Paperback
The Mathematics of Secrets: Cryptography from Caesar Ciphers to Digital Encryption
Holden, Joshua
Paperback
Intelligence-Driven Incident Response: Outwitting the Adversary
Roberts, Scott
Brown, Rebekah
Paperback
Nmap Network Scanning: The Official Nmap Project Guide to Network Discovery and Security Scanning
Lyon, Gordon
Fyodor
Paperback
pfSense Essentials: The Complete Reference to the pfSense Internet Gateway and Firewall
Reed, Jeremy C.
Paperback
CISSP Exam Certification Companion: 1000+ Practice Questions and Expert Strategies for Passing the CISSP Exam
Bouke, Mohamed Aly
Paperback
Mastering Linux Security and Hardening - Third Edition: A practical guide to protecting your Linux system from cyber attacks
Tevault, Donald A.
Paperback
Hands on Hacking: Become an Expert at Next Gen Penetration Testing and Purple Teaming
Hickey, Matthew
Arcuri, Jennifer
Paperback
Solving Identity Management in Modern Applications: Demystifying OAuth 2, OpenID Connect, and SAML 2
Wilson, Yvonne
Hingnikar, Abhishek
Paperback
ISC2 CISSP Certified Information Systems Security Professional Official Study Guide & Practice Tests Bundle
Chapple, Mike
Paperback
The Cyber War is Here: U.S. and Global Infrastructure Under Attack: A CISO's Perspective
Crudgington, Marc
Hardcover
A Vulnerable System: The History of Information Security in the Computer Age
Stewart, Andrew J.
Hardcover
Online Predators, An Internet Insurgency: A Field Manual for Teaching and Parenting in the Digital Arena
Lee, Jeffrey A.
Hardcover
Fighting Phishing: Everything You Can Do to Fight Social Engineering and Phishing
Grimes, Roger A.
Paperback
Cybersecurity Myths and Misconceptions: Avoiding the Hazards and Pitfalls That Derail Us
Metcalf, Leigh
Dykstra, Josiah
Spafford, Eugene
Paperback
The AI Revolution in Networking, Cybersecurity, and Emerging Technologies
Salam, Samer
Dahir, Hazim
Santos, Omar
Paperback
How to Be a Woman Online: Surviving Abuse and Harassment, and How to Fight Back
Jankowicz, Nina
Paperback
The Art of Deception: Controlling the Human Element of Security
Mitnick, Kevin D.
Simon, William L.
Paperback
The Official CHFI Study Guide (Exam 312-49): For Computer Hacking Forensic Investigator
Kleiman, Dave
Paperback
Guide to Computer Forensics and Investigations, Loose-Leaf Version
Steuart, Christopher
Nelson, Bill
Phillips, Amelia
Paperback
The Android Malware Handbook: Detection and Analysis by Human and Machine
Mandujano, Salvador
Porst, Sebastian
Han, Qian
Paperback
Wireless Security Architecture: Designing and Maintaining Secure Wireless for Enterprise
Minella, Jennifer
Paperback
CISM Certified Information Security Manager All-In-One Exam Guide [With CD (Audio)]
Gregory, Peter H.
Paperback
From Exposed to Secure: The Cost of Cybersecurity and Compliance Inaction and the Best Way to Keep Your Company Safe
Featuring Cybersecurity and Compliance Experts from Around t
Paperback
Development of Safety-Critical Systems: Architecture and Software
Karmakar, Gopinath
Wakankar, Amol
Kabra, Ashutosh
Paperback
OSINT 101 Handbook: Advanced Reconnaissance, Threat Assessment, And Counterintelligence
Botwright, Rob
Paperback
The Definitive Guide to PCI DSS Version 4: Documentation, Compliance, and Management
Cooper Jr, Arthur B.
Hall, Jeff
Mundhenk, David
Paperback