We've provided a brief overview of each chapter below. Check back frequently as we add more!

1: Hacking Web Apps 101
In this chapter, we take a 50,000-foot aerial view of web application hacking tools and techniques. Buckle your seatbelt, Dorothy, because Kansas is going bye-bye.

2: Profiling
The first step in any methodology is often one of the most critical, and profiling is no exception. This chapter illustrated the process of reconnaissance in prelude to attacking a web application and its associated infrastructure.

3: Hacking Web Platforms
No application can be secured if it's built on a web platform that's full of security holes - this chapter describes attacks, detection evasion techniques, and countermeasures for the most popular web platforms, including IIS, Apache, PHP, and ASP.NET.

4: Attacking Web Authentication
This chapter covers attacks and countermeasures for common web authentication mechanisms, including password-based, multi-factor (e.g. SecureID, Passmark, CAPTCHA) and online authentication services like Passport.

5: Attacking Web Authorization
See how to excise the heart of any Web application's access controls through advanced session analysis, hijacking, and fixation techniques.

6: Input Injection Attacks
Brackets and quotes and dashes, oh my! From cross-site scripting to SQL injection, the essence of most web attacks is unexpected application input. In this chapter, we review the classic categories of malicious input, from overlong input (like buffer overflows) to canonicalization attacks (like the infamous dot-dot-slash), and reveal the metacharacters that should always be regarded with suspicion (including angle brackets, quotes, single quote, double dashes, percent, asterisk, underscore, newline, ampersand, pipe, and semicolon), beginner-to-advanced SQL injection tools and techniques, plus stealth-encoding techniques and input validation/output encoding countermeasures.

7: Attacking XML-Web Services
Don't drop the SOAP, because this chapter will reveal how web services vulnerabilities are discovered and exploited through techniques including WSDL disclosure, input injection, external entity injection, and XPath injection.

8: Attacking Web Application Management
If the front door is locked, try the back! This chapter reveals the most common web application management attacks against remote server management, web content management/authoring, admin misconfigurations, and developer-driven mistakes.

9: Hacking Web Clients
Did you know that your web browser is actually an effective portal through which unsavory types can enter directly into your homes and offices? Take a tour of the nastiest Firefox and IE exploits around, and then follow our "10 Steps to a Safer Internet Experience" (along with dozens of additional countermeasures) so you can breathe a little easier when you browse.

10: The Enterprise Web Application Security Program
Go behind-the-scenes to see our white/grey-box web security testing methodology and how it integrates into the web application development lifecycle, this chapter takes a brief departure from zero-knowledge/black-box analysis to explain the advantages of a robust full-knowledge/white-box web application security assessment methodology, including threat modeling, code review, dynamic web application scanning, security testing, and integrating security into the overall web application development lifecycle and IT operations. This chapter is aimed at IT operations and development staff for medium-to-large enterprises who need to implement our web application assessment methodology so it is scaleable, consistent, and delivers acceptable return on investment.

A: Web Site Security Checklist
B: Web Hacking Tools & Techniques Cribsheet

Copyright © 2003. All Rights Reserved. Designed by HTMLfx