Failure to validate any input received from the client before using it in the application code is one of the most common security vulnerabilities found in web applications. This flaw is the source for major security issues, such as SQL injection and cross-site scripting (XSS). Web-penetration testers must evaluate and determine whether any input is reflected back or executed upon by the application. We'll learn how to use Burp to perform such tests.
- Title Page
- Copyright and Credits
- Packt Upsell
- Contributors
- Preface
- Getting Started with Burp Suite
- Getting to Know the Burp Suite of Tools
- Configuring, Spidering, Scanning, and Reporting with Burp
- Assessing Authentication Schemes
- Assessing Authorization Checks
- Assessing Session Management Mechanisms
- Assessing Business Logic
- Evaluating Input Validation Checks
- Attacking the Client
- Working with Burp Macros and Extensions
- Implementing Advanced Topic Attacks
- Other Books You May Enjoy
Introduction
-
No Comment
..................Content has been hidden....................
You can't read the all page of ebook, please click here login for view all page.