{"product_id":"attacking-and-exploiting-modern-web-applications-discover-the-mindset-techniques-and-tools-to-perform-modern-web-attacks-and-exploitation-paperback","title":"Attacking and Exploiting Modern Web Applications: Discover the mindset, techniques, and tools to perform modern web attacks and exploitation - Paperback","description":"\u003cp\u003eby \u003cb\u003eSimone Onofri\u003c\/b\u003e (Author), \u003cb\u003eDonato Onofri\u003c\/b\u003e (Author)\u003c\/p\u003e\u003cp\u003e\u003c\/p\u003e\u003cp\u003e\u003cstrong\u003eMaster the art of web exploitation with real-world techniques on SAML, WordPress, IoT, ElectronJS, and Ethereum smart contracts\u003c\/strong\u003e\u003c\/p\u003e\u003cp\u003e\u003cstrong\u003ePurchase of the print or Kindle book includes a free PDF eBook\u003c\/strong\u003e\u003c\/p\u003e\u003cp\u003e\u003cbr\u003e\u003c\/p\u003e\u003cp\u003e\u003cstrong\u003eKey Features: \u003c\/strong\u003e\u003c\/p\u003e\u003cul\u003e\n\u003cli\u003eLearn how to detect vulnerabilities using source code, dynamic analysis, and decompiling binaries\u003c\/li\u003e\n\u003cli\u003eFind and exploit vulnerabilities such as SQL Injection, XSS, Command Injection, RCE, and Reentrancy\u003c\/li\u003e\n\u003cli\u003eAnalyze real-world security incidents based on MITRE ATT\u0026amp;CK to understand the risk at the CISO level\u003c\/li\u003e\n\u003c\/ul\u003e\u003cp\u003e\u003cbr\u003e\u003c\/p\u003e\u003cp\u003e\u003cstrong\u003eBook Description: \u003c\/strong\u003e\u003c\/p\u003e\u003cp\u003eWeb attacks and exploits pose an ongoing threat to the interconnected world. This comprehensive book explores the latest challenges in web application security, providing you with an in-depth understanding of hackers' methods and the practical knowledge and skills needed to effectively understand web attacks.\u003c\/p\u003e\u003cp\u003eThe book starts by emphasizing the importance of mindset and toolset in conducting successful web attacks. You'll then explore the methodologies and frameworks used in these attacks, and learn how to configure the environment using interception proxies, automate tasks with Bash and Python, and set up a research lab. As you advance through the book, you'll discover how to attack the SAML authentication layer; attack front-facing web applications by learning WordPress and SQL injection, and exploit vulnerabilities in IoT devices, such as command injection, by going through three CTFs and learning about the discovery of seven CVEs. Each chapter analyzes confirmed cases of exploitation mapped with MITRE ATT\u0026amp;CK. You'll also analyze attacks on Electron JavaScript-based applications, such as XSS and RCE, and the security challenges of auditing and exploiting Ethereum smart contracts written in Solidity. Finally, you'll find out how to disclose vulnerabilities.\u003c\/p\u003e\u003cp\u003eBy the end of this book, you'll have enhanced your ability to find and exploit web vulnerabilities.\u003c\/p\u003e\u003cp\u003e\u003cbr\u003e\u003c\/p\u003e\u003cp\u003e\u003cstrong\u003eWhat You Will Learn: \u003c\/strong\u003e\u003c\/p\u003e\u003cul\u003e\n\u003cli\u003eUnderstand the mindset, methodologies, and toolset needed to carry out web attacks\u003c\/li\u003e\n\u003cli\u003eDiscover how SAML and SSO work and study their vulnerabilities\u003c\/li\u003e\n\u003cli\u003eGet to grips with WordPress and learn how to exploit SQL injection\u003c\/li\u003e\n\u003cli\u003eFind out how IoT devices work and exploit command injection\u003c\/li\u003e\n\u003cli\u003eFamiliarize yourself with ElectronJS applications and transform an XSS to an RCE\u003c\/li\u003e\n\u003cli\u003eDiscover how to audit Solidity's Ethereum smart contracts\u003c\/li\u003e\n\u003cli\u003eGet the hang of decompiling, debugging, and instrumenting web applications\u003c\/li\u003e\n\u003c\/ul\u003e\u003cp\u003e\u003cbr\u003e\u003c\/p\u003e\u003cp\u003e\u003cstrong\u003eWho this book is for: \u003c\/strong\u003e\u003c\/p\u003e\u003cp\u003eThis book is for anyone whose job role involves ensuring their organization's security - penetration testers and red teamers who want to deepen their knowledge of the current security challenges for web applications, developers and DevOps professionals who want to get into the mindset of an attacker; and security managers and CISOs looking to truly understand the impact and risk of web, IoT, and smart contracts. Basic knowledge of web technologies, as well as related protocols is a must.\u003c\/p\u003e\u003cdiv\u003e\n\u003cstrong\u003eNumber of Pages:\u003c\/strong\u003e 338\u003c\/div\u003e\u003cdiv\u003e\n\u003cstrong\u003eDimensions:\u003c\/strong\u003e 0.7 x 9.25 x 7.5 IN\u003c\/div\u003e\u003cdiv\u003e\n\u003cstrong\u003ePublication Date:\u003c\/strong\u003e August 25, 2023\u003c\/div\u003e","brand":"Books by splitShops","offers":[{"title":"Default Title","offer_id":51781818286368,"sku":"9781801816298","price":60.46,"currency_code":"USD","in_stock":true}],"thumbnail_url":"\/\/cdn.shopify.com\/s\/files\/1\/0974\/9764\/5344\/files\/90c77209fa0b4ed24fb4e12161dac220.webp?v=1780558182","url":"https:\/\/ebocreations.com\/products\/attacking-and-exploiting-modern-web-applications-discover-the-mindset-techniques-and-tools-to-perform-modern-web-attacks-and-exploitation-paperback","provider":"The E-Book Oasis LLC","version":"1.0","type":"link"}