The Penetration Tester's Guide to Web Applications (Artech House Computer Security Series)
by 作者: Serge Borso
Pages: 280 pages
Publisher Finelybook 出版社: Artech House Publishers; Unabridged edition edition (30 Jun. 2019)
Language 语言: English
ISBN-10 书号: 1630816221
ISBN-13 书号: 9781630816223
Book Description
The Penetration Tester’s Guide to Web Applications (Artech House Computer Security Series)
This innovative new resource provides both professionals and aspiring professionals with clear guidance on how to identify and exploit common web application vulnerabilities. The book focuses on offensive security and how to attack web applications. It describes each of the Open Web Application Security Project (OWASP) top ten vulnerabilities,including broken authentication,cross-site scripting and insecure deserialization,and details how to identify and exploit each weakness.
Preface
1 Introduction
2OWASP A1: 2017 Injection
3OWASP A2: 2017 Broken Authentication
4OWASP A3: 2017 Sensitive Data Exposure
5OWASP A4: 2017 XML External Entities(XXE)
6 OWASP A5: 2017 Broken Access Control
7 OWASP A6: 2017 Security Misconfiguration
8 OWASP A7: 2017 Cross-Site Scripting (XSS)
9OWASP A8: 2017 Insecure Deserialization
10 OWASP A9: 2017 Using COmponents with Known Vulnerabilities
11OWASP A10: 2017 Insufficient Logging and Monitoring
12Beyond OWASP Top 10
13Testing as a Consultant and Adding Value
About the Author
Index