Sign in
|
Register
|
Mobile
Home
Browse
About us
Help/FAQ
Advanced search
Home
>
Browse
>
Hacking Exposed
>
HACKING EXPOSED WEB APPLICATIONS, 3rd Edition
CITATION
Scambray, Joel;
Liu, Vincent; and
Sima, Caleb
.
HACKING EXPOSED WEB APPLICATIONS, 3rd Edition
.
US
: McGraw-Hill Osborne Media, 2010.
Add to Favorites
Email to a Friend
Download Citation
HACKING EXPOSED WEB APPLICATIONS, 3rd Edition
Authors:
Joel Scambray
,
Vincent Liu
and
Caleb Sima
Published:
October 2010
eISBN:
9780071740425 0071740422
|
ISBN:
9780071740647
Open eBook
Book Description
Table of Contents
Contents
Foreword
Acknowledgments
Introduction
1 Hacking Web Apps 101
What Is Web Application Hacking?
GUI Web Hacking
URI Hacking
Methods, Headers, and Body
Resources
Authentication, Sessions, and Authorization
The Web Client and HTML
Other Protocols
Why Attack Web Applications?
Who, When, and Where?
Weak Spots
How Are Web Apps Attacked?
The Web Browser
Browser Extensions
HTTP Proxies
Command-line Tools
Older Tools
Summary
References & Further Reading
2 Profiling
Infrastructure Profiling
Footprinting and Scanning: Defining Scope
Basic Banner Grabbing
Advanced HTTP Fingerprinting
Infrastructure Intermediaries
Application Profiling
Manual Inspection
Search Tools for Profiling
Automated Web Crawling
Common Web Application Profiles
General Countermeasures
A Cautionary Note
Protecting Directories
Protecting include Files
Miscellaneous Tips
Summary
References & Further Reading
3 Hacking Web Platforms
Point-and-Click Exploitation Using Metasploit
Manual Exploitation
Evading Detection
Web Platform Security Best Practices
Common Best Practices
IIS Hardening
Apache Hardening
PHP Best Practices
Summary
References & Further Reading
4 Attacking Web Authentication
Web Authentication Threats
Username/Password Threats
Strong(er) Web Authentication
Web Authentication Services
Bypassing Authentication
Token Replay
Cross-site Request Forgery
Identity Management
Client-side Piggybacking
Some Final Thoughts: Identity Theft
Summary
References & Further Reading
5 Attacking Web Authorization
Fingerprinting Authz
Crawling ACLs
Identifying Access Tokens
Analyzing Session Tokens
Differential Analysis
Role Matrix
Attacking ACLS
Attacking Tokens
Manual Prediction
Automated Prediction
Capture/Replay
Session Fixation
Authorization Attack Case Studies
Horizontal Privilege Escalation
Vertical Privilege Escalation
Differential Analysis
When Encryption Fails
Using cURL to Map Permissions
Authorization Best Practices
Web ACL Best Practices
Web Authorization/Session Token Security
Security Logs
Summary
References & Further Reading
6 Input Injection Attacks
Expect the Unexpected
Where to Find Attack Vectors
Bypass Client-Side Validation Routines
Common Input Injection Attacks
Buffer Overflow
Canonicalization (dot-dot-slash)
HTML Injection
Boundary Checks
Manipulate Application Behavior
SQL Injection
XPATH Injection
LDAP Injection
Custom Parameter Injection
Log Injection
Command Execution
Encoding Abuse
PHP Global Variables
Common Side-effects
Common Countermeasures
Summary
References & Further Reading
7 Attacking XML Web Services
What Is a Web Service?
Transport: SOAP over HTTP(S)
WSDL
Directory Services: UDDI and DISCO
Similarities to Web Application Security
Attacking Web Services
Web Service Security Basics
Summary
References & Further Reading
8 Attacking Web Application Management
Remote Server Management
Telnet
SSH
Proprietary Management Ports
Other Administration Services
Web Content Management
FTP
SSH/scp
FrontPage
WebDAV
Misconfigurations
Unnecessary Web Server Extensions
Information Leakage Misconfigurations
State Management Misconfiguration
Summary
References & Further Reading
9 Hacking Web Clients
Exploits
Web Client Implementation Vulnerabilities
Trickery
General Countermeasures
Low-privilege Browsing
Firefox Security Extensions
ActiveX Countermeasures
Server-side Countermeasures
Summary
References & Further Reading
10 The Enterprise Web Application Security Program
Threat Modeling
Clarify Security Objectives
Identify Assets
Architecture Overview
Decompose the Application
Identify and Document Threats
Rank the Threats
Develop Threat Mitigation Strategies
Code Review
Manual Source Code Review
Automated Source Code Review
Binary Analysis
Security Testing of Web App Code
Fuzzing
Test Tools, Utilities, and Harnesses
Pen-testing
Security in the Web Development Process
People
Process
Technology
Summary
References & Further Reading
A: Web Application Security Checklist
B: Web Hacking Tools and Techniques Cribsheet
Index
