The Web Application Hacker's Handbook: Finding and Exploiting Security Flaws (Paperback, 2)

Introduction xxiii

Chapter 1 Web Application (In)security 1

Chapter 2 Core Defense Mechanisms 17

Chapter 3 Web Application Technologies 39

Chapter 4 Mapping the Application 73

Chapter 5 Bypassing Client-Side Controls 117

Chapter 6 Attacking Authentication 159

Chapter 7 Attacking Session Management 205

Chapter 8 Attacking Access Controls 257

Chapter 9 Attacking Data Stores 287

Chapter 10 Attacking Back-End Components 357

Chapter 11 Attacking Application Logic 405

Chapter 12 Attacking Users: Cross-Site Scripting 431

Chapter 13 Attacking Users: Other Techniques 501

Chapter 14 Automating Customized Attacks 571

Chapter 15 Exploiting Information Disclosure 615

Chapter 16 Attacking Native Compiled Applications 633

Chapter 17 Attacking Application Architecture 647

Chapter 18 Attacking the Application Server 669

Chapter 19 Finding Vulnerabilities in Source Code 701

Chapter 20 A Web Application Hacker’s Toolkit 747

Chapter 21 A Web Application Hacker’s Methodology 791

Index 853