Description: Attacking and Exploiting Modern Web Applications by Simone Onofri, Donato Onofri, Matteo Meucci Estimated delivery 3-12 business days Format Paperback Condition Brand New Description Master the art of web exploitation with real-world techniques on SAML, WordPress, IoT, ElectronJS, and Ethereum smart contractsPurchase of the print or Kindle book includes a free PDF eBookKey FeaturesLearn how to detect vulnerabilities using source code, dynamic analysis, and decompiling binariesFind and exploit vulnerabilities such as SQL Injection, XSS, Command Injection, RCE, and ReentrancyAnalyze real-world security incidents based on MITRE ATT&CK to understand the risk at the CISO levelBook DescriptionWeb attacks and exploits pose an ongoing threat to the interconnected world. This comprehensive book explores the latest challenges in web application security, providing you with an in-depth understanding of hackers methods and the practical knowledge and skills needed to effectively understand web attacks.The book starts by emphasizing the importance of mindset and toolset in conducting successful web attacks. Youll then explore the methodologies and frameworks used in these attacks, and learn how to configure the environment using interception proxies, automate tasks with Bash and Python, and set up a research lab. As you advance through the book, youll discover how to attack the SAML authentication layer; attack front-facing web applications by learning WordPress and SQL injection, and exploit vulnerabilities in IoT devices, such as command injection, by going through three CTFs and learning about the discovery of seven CVEs. Each chapter analyzes confirmed cases of exploitation mapped with MITRE ATT&CK. Youll also analyze attacks on Electron JavaScript-based applications, such as XSS and RCE, and the security challenges of auditing and exploiting Ethereum smart contracts written in Solidity. Finally, youll find out how to disclose vulnerabilities.By the end of this book, youll have enhanced your ability to find and exploit web vulnerabilities.What you will learnUnderstand the mindset, methodologies, and toolset needed to carry out web attacksDiscover how SAML and SSO work and study their vulnerabilitiesGet to grips with WordPress and learn how to exploit SQL injectionFind out how IoT devices work and exploit command injectionFamiliarize yourself with ElectronJS applications and transform an XSS to an RCEDiscover how to audit Soliditys Ethereum smart contractsGet the hang of decompiling, debugging, and instrumenting web applicationsWho this book is forThis book is for anyone whose job role involves ensuring their organizations security – penetration testers and red teamers who want to deepen their knowledge of the current security challenges for web applications, developers and DevOps professionals who want to get into the mindset of an attacker; and security managers and CISOs looking to truly understand the impact and risk of web, IoT, and smart contracts. Basic knowledge of web technologies, as well as related protocols is a must. Author Biography Simone Onofri is a cybersecurity director with over two decades of experience in Red and Blue Teaming, vulnerability research, and product management. He has been an instructor at the Joint Intelligence and EW Training Centre and is associated with global companies such as HewlettPackard Enterprise. Simone has discovered various vulnerabilities and holds key certifications such as GXPN, GREM, GWAPT, OSCP, and OPSA. An active participant in organizations such as OWASP and ISECOM, he regularly speaks at major conferences, including TEDx. Simone is committed to inspiring and educating industry professionals and enthusiasts through his work, with a mission to create a positive influence. Donato Onofri is a seasoned Red Team engineer. He has over a decade of experience in activities including reverse engineering, Red Teaming, threat research, and penetration testing. Passionate about both the offensive and defensive sides of cybersecurity, Donato has worked with industry leaders such as CrowdStrike and Hewlett-Packard Enterprise and as an advisor and engineer for governments and financial institutions. His research delves into state-of-the-art security techniques, malware analysis, and internals. He holds the GREM, GXPN, OSCP, OSCE, and OSWE certifications, and his expertise is underscored by multiple recognitions for vulnerability discovery. Details ISBN 1801816298 ISBN-13 9781801816298 Title Attacking and Exploiting Modern Web Applications Author Simone Onofri, Donato Onofri, Matteo Meucci Format Paperback Year 2023 Pages 338 Publisher Packt Publishing Limited GE_Item_ID:143178983; About Us Grand Eagle Retail is the ideal place for all your shopping needs! With fast shipping, low prices, friendly service and over 1,000,000 in stock items - you're bound to find what you want, at a price you'll love! Shipping & Delivery Times Shipping is FREE to any address in USA. Please view eBay estimated delivery times at the top of the listing. Deliveries are made by either USPS or Courier. We are unable to deliver faster than stated. International deliveries will take 1-6 weeks. NOTE: We are unable to offer combined shipping for multiple items purchased. This is because our items are shipped from different locations. Returns If you wish to return an item, please consult our Returns Policy as below: Please contact Customer Services and request "Return Authorisation" before you send your item back to us. Unauthorised returns will not be accepted. Returns must be postmarked within 4 business days of authorisation and must be in resellable condition. Returns are shipped at the customer's risk. We cannot take responsibility for items which are lost or damaged in transit. For purchases where a shipping charge was paid, there will be no refund of the original shipping charge. Additional Questions If you have any questions please feel free to Contact Us. Categories Baby Books Electronics Fashion Games Health & Beauty Home, Garden & Pets Movies Music Sports & Outdoors Toys
Price: 47.59 USD
Location: Fairfield, Ohio
End Time: 2024-11-12T04:36:57.000Z
Shipping Cost: 0 USD
Product Images
Item Specifics
Restocking Fee: No
Return shipping will be paid by: Buyer
All returns accepted: Returns Accepted
Item must be returned within: 30 Days
Refund will be given as: Money Back
ISBN-13: 9781801816298
Book Title: Attacking and Exploiting Modern Web Applications
Publication Name: Attacking and Exploiting Modern Web Applications : Discover the Mindset, Techniques, and Tools to Perform Modern Web Attacks and Exploitation
Language: English
Publisher: Packt Publishing, The Limited
Publication Year: 2023
Subject: Security / Online Safety & Privacy
Type: Textbook
Item Length: 92.5 in
Subject Area: Computers
Author: Simone Onofri, Donato Onofri
Item Width: 75 in
Format: Trade Paperback
