|This article is the original content of AppNee. All rights reserved. To repost or reproduce, please make a footnote with our article link!|
The Web Application Hacker’s Handbook (WAHH for short), 2nd Edition is one of bible-level of security technology books with comprehensive, abundant and professional content highly recommended by AppNee. This second edition new added about 30% of content, mainly introduced new trends and a large number of new vulnerabilities in the field of Web security.
Since The Web Application Hacker’s Handbook’s first edition, the status of Web security has changed a lot. And in the wake of improvement of people’s security awareness, many bugs have been fixed. But as sorts of new technologies are springing up constantly (especially the launch of Web 2.0, HTML 5, wireless Internet, and cloud service), security problems of Web applications will face a bigger challenge.
The Web Application Hacker’s Handbook, 2nd Edition is suitable for all levels of computer security personnels and technicians in the Web development & management fields to read. This book is very thick, but don’t be afraid, just pay a little more patience.
In addition, some skills in this book have already failed for a long time, which will make it a bit hard for readers to understand without the historical background at that time. Anyway, after a perusal to this book, it does allow you to have your ideas straightened out.
// Table Of Contents //
- Chapter 1 Web Application (In)security 1
- Chapter 2 Core Defense Mechanisms 17
- Chapter 3 Web Application Technologies 39
- Chapter 4 Mapping the Application 73
- Chapter 5 Bypassing Client-Side Controls 117
- Chapter 6 Attacking Authentication 159
- Chapter 7 Attacking Session Management 205
- Chapter 8 Attacking Access Controls 257
- Chapter 9 Attacking Data Stores 287
- Chapter 10 Attacking Back-End Components 357
- Chapter 11 Attacking Application Logic 405
- Chapter 12 Attacking Users: Cross-Site Scripting 431
- Chapter 13 Attacking Users: Other Techniques 501
- Chapter 14 Automating Customized Attacks 571
- Chapter 15 Exploiting Information Disclosure 615
- Chapter 16 Attacking Native Compiled Applications 633
- Chapter 17 Attacking Application Architecture 647
- Chapter 18 Attacking the Application Server 669
- Chapter 19 Finding Vulnerabilities in Source Code 701
- Chapter 20 A Web Application Hacker’s Toolkit 747
- Chapter 21 A Web Application Hacker’s Methodology 791