About The Book:
The web application security book is divided into eight chapters. The first chapter gives a general introduction to web application security.
The second chapter explains input validation-based vulnerabilities, such as SQL Injection, XSS, Command Injection, CRLF Injection, Log Injection, XPath Injection, Function Injection, PHP Object Injection, and regular expression-based vulnerabilities.
The third chapter deals with session management-based vulnerabilities. It explains Session Prediction, Session Sniffing, Session Fixation, XSS, etc.
The fourth chapter deals with XML-based vulnerabilities. It explains the Billion Laughs vulnerability, Quadratic Blowup vulnerability, XEE, XML Injection vulnerability, etc.
The fifth chapter explains file uploads, file inclusions, and related vulnerabilities. It also explains the Path Traversal vulnerability, Remote File Inclusion, and Local File Inclusion vulnerabilities.
The sixth chapter explains password and authentication-based vulnerabilities. It explains Credential Stuffing, Pass The Hash vulnerability, QRL Jacking, CSRF, Execution After Redirect vulnerability, etc.
The seventh chapter explains vulnerabilities based on cross-domain resource sharing. It also covers various HTTP security headers and how they help improve web application security.
The eighth chapter explains buffer overflow vulnerabilities. It provides examples and explains how to prevent them.
About The Author:
Ms. Amrita Mitra is an author and the founder of Asigosec Technologies, the company that owns The Security Buddy. Her areas of interest are cyber security, mathematics, and AI.
How To Buy The Book:
The paperback version of the web application security book is available on the following Amazon marketplaces. The Kindle version of the book is available on all Amazon marketplaces.
Reviews and Comments:
If you have read the web application security book and want to share a review, comments, or feedback, please do so on Amazon or at the link mentioned below: