Cover
About the Authors
Credits
Contents
Acknowledgments
Introduction
Overview of This Book
Who Should Read This Book
How This Book Is Organized
Tools You Will Need
What's on the Web Site
Bring It On
Chapter 1: Web Application (In)security
The Evolution of Web Applications
Web Application Security
Chapter Summary
Chapter 2: Core Defense Mechanisms
Handling User Access
Handling User Input
Handling Attackers
Managing the Application
Chapter Summary
Questions
Chapter 3: Web Application Technologies
The HTTP Protocol
Web Functionality
Encoding Schemes
Next Steps
Questions
Chapter 4: Mapping the Application
Enumerating Content and Functionality
Analyzing the Application
Chapter Summary
Questions
Chapter 5: Bypassing Client-Side Controls
Transmitting Data via the Client
Capturing User Data: HTML Forms
Capturing User Data: Thick-Client Components
Handling Client-Side Data Securely
Chapter Summary
Questions
Chapter 6: Attacking Authentication
Authentication Technologies
Design Flaws in Authentication Mechanisms
Implementation Flaws in Authentication
Securing Authentication
Chapter Summary
Questions
Chapter 7: Attacking Session Management
The Need for State
Weaknesses in Session Token Generation
Weaknesses in Session Token Handling
Securing Session Management
Chapter Summary
Questions
Chapter 8: Attacking Access Controls
Common Vulnerabilities
Attacking Access Controls
Securing Access Controls
Chapter Summary
Questions
Chapter 9: Injecting Code
Injecting into Interpreted Languages
Injecting into SQL
Injecting OS Commands
Injecting into Web Scripting Languages
Injecting into SOAP
Injecting into XPath
Injecting into SMTP
Injecting into LDAP
Chapter Summary
Questions
Chapter 10: Exploiting Path Traversal
Common Vulnerabilities
Finding and Exploiting Path Traversal Vulnerabilities
Preventing Path Traversal Vulnerabilities
Chapter Summary
Questions
Chapter 11: Attacking Application Logic
The Nature of Logic Flaws
Real-World Logic Flaws
Avoiding Logic Flaws
Chapter Summary
Questions
Chapter 12: Attacking Other Users
Cross-Site Scripting
Redirection Attacks
HTTP Header Injection
Frame Injection
Request Forgery
JSON Hijacking
Session Fixation
Attacking ActiveX Controls
Local Privacy Attacks
Advanced Exploitation Techniques
Chapter Summary
Questions
Chapter 13: Automating Bespoke Attacks
Uses for Bespoke Automation
Enumerating Valid Identifiers
Harvesting Useful Data
Fuzzing for Common Vulnerabilities
Putting It All Together: Burp Intruder
Chapter Summary
Questions
Chapter 14: Exploiting Information Disclosure
Exploiting Error Messages
Gathering Published Information