Hands-on Penetration Testing for Web Applications
Hands-on Penetration Testing for Web Applications: Run Web Security Testing on Modern Applications Using Nmap, Burp Suite and Wireshark (English Edition) by Richa Gupta
English | March 27, 2021 | ISBN: 9389328543 | 337 pages | PDF | 18 Mb
English | March 27, 2021 | ISBN: 9389328543 | 337 pages | PDF | 18 Mb
Learn how to build an end-to-end Web application security testing framework
Key Features
Description
Hands-on Penetration Testing for Web Applications offers readers with knowledge and skillset to identify, exploit and control the security vulnerabilities present in commercial web applications including online banking, mobile payments and e-commerce applications.
We begin with exposure to modern application vulnerabilities present in web applications. You will learn and gradually practice the core concepts of penetration testing and OWASP Top Ten vulnerabilities including injection, broken authentication and access control, security misconfigurations and cross-site scripting (XSS). You will then gain advanced skillset by exploring the methodology of security testing and how to work around security testing as a true security professional. This book also brings cutting-edge coverage on exploiting and detecting vulnerabilities such as authentication flaws, session flaws, access control flaws, input validation flaws etc. You will discover an end-to-end implementation of tools such as nmap, burp suite, and wireshark. You will then learn to practice how to execute web application intrusion testing in automated testing tools and also to analyze vulnerabilities and threats present in the source codes.
By the end of this book, you will gain in-depth knowledge of web application testing framework and strong proficiency in exploring and building high secured web applications.
What you will learn
Who this book is for
This book is for Penetration Testers, ethical hackers, and web application developers. People who are new to security testing will also find this book useful. Basic knowledge of HTML, JavaScript would be an added advantage.
Table of Contents
1. Why Application Security?
2. Modern application Vulnerabilities
3. Web Pentesting Methodology
4. Testing Authentication
5. Testing Session Management
6. Testing Secure Channels
7. Testing Secure Access Control
8. Sensitive Data and Information disclosure
9. Testing Secure Data validation
10. Attacking Application Users: Other Techniques
11. Testing Configuration and Deployment
12. Automating Custom Attacks
13. Pentesting Tools
14. Static Code Analysis
15. Mitigations and Core Defense Mechanisms
Feel Free to contact me for book requests, informations or feedbacks.
Without You And Your Support We Can’t Continue
Thanks For Buying Premium From My Links For Support
Without You And Your Support We Can’t Continue
Thanks For Buying Premium From My Links For Support