The penetration tester's guide to web applications /:
"This innovative new resource provides both professionals and aspiring professionals with clear guidance on how to identify and exploit common web application vulnerabilities. The book focuses on offensive security and how to attack web applications. It describes each of the Open Web Applicatio...
Gespeichert in:
| 1. Verfasser: | |
|---|---|
| Format: | Elektronisch E-Book |
| Sprache: | English |
| Veröffentlicht: |
Norwood, MA :
Artech House,
[2019]
|
| Schriftenreihe: | Artech House information security and privacy series.
Artech House computer security series. |
| Schlagworte: | |
| Online-Zugang: | Volltext |
| Zusammenfassung: | "This innovative new resource provides both professionals and aspiring professionals with clear guidance on how to identify and exploit common web application vulnerabilities. The book focuses on offensive security and how to attack web applications. It describes each of the Open Web Application Security Project (OWASP) top ten vulnerabilities, including broken authentication, cross-site scripting and insecure deserialization, and details how to identify and exploit each weakness. Readers learn to bridge the gap between high-risk vulnerabilities and exploiting flaws to get shell access. The book demonstrates how to work in a professional services space to produce quality and thorough testing results by detailing the requirements of providing a best-of-class penetration testing service. It offers insight into the problem of not knowing how to approach a web app pen test and the challenge of integrating a mature pen testing program into an organization. Based on the author's many years of first-hand experience, this book provides examples of how to break into user accounts, how to breach systems, and how to configure and wield penetration testing tools."--Publisher's description |
| Beschreibung: | Includes index |
| Beschreibung: | 1 online resource (xii, 201 pages) : illustrations |
| ISBN: | 9781630816247 1630816248 |
Internformat
MARC
| LEADER | 00000cam a2200000 i 4500 | ||
|---|---|---|---|
| 001 | ZDB-4-EBA-on1112088469 | ||
| 003 | OCoLC | ||
| 005 | 20241004212047.0 | ||
| 006 | m o d | ||
| 007 | cr cnu---unuuu | ||
| 008 | 190710t20192019maua o 001 0 eng d | ||
| 040 | |a STF |b eng |e rda |e pn |c STF |d EBLCP |d GSU |d YDXIT |d OCLCF |d AU@ |d OCLCQ |d YDX |d CUV |d UKAHL |d N$T |d OCLCQ |d IBI |d COO |d OCLCO |d IEEEE |d OCLCQ |d OCLCO |d OCLCQ |d OCLCO |d OCLCL | ||
| 019 | |a 1114319521 |a 1142445910 |a 1162168464 |a 1388673637 | ||
| 020 | |a 9781630816247 |q (electronic bk.) | ||
| 020 | |a 1630816248 |q (electronic book) | ||
| 020 | |z 9781630816223 | ||
| 020 | |z 1630816221 | ||
| 035 | |a (OCoLC)1112088469 |z (OCoLC)1114319521 |z (OCoLC)1142445910 |z (OCoLC)1162168464 |z (OCoLC)1388673637 | ||
| 050 | 4 | |a QA76.9.A25 |b B67 2019eb | |
| 072 | 0 | |a COM053000 | |
| 082 | 7 | |a 005.8 |2 23 | |
| 049 | |a MAIN | ||
| 100 | 1 | |a Borso, Serge, |e author. |0 http://id.loc.gov/authorities/names/no2019143649 | |
| 245 | 1 | 4 | |a The penetration tester's guide to web applications / |c Serge Borso |
| 264 | 1 | |a Norwood, MA : |b Artech House, |c [2019] | |
| 264 | 4 | |c ©2019 | |
| 300 | |a 1 online resource (xii, 201 pages) : |b illustrations | ||
| 336 | |a text |b txt |2 rdacontent | ||
| 337 | |a computer |b c |2 rdamedia | ||
| 338 | |a online resource |b cr |2 rdacarrier | ||
| 490 | 1 | |a Information security and privacy series | |
| 490 | 1 | |a Artech House computer security series | |
| 588 | 0 | |a Online resource; title from digital title page (viewed on September 30, 2019) | |
| 500 | |a Includes index | ||
| 505 | 0 | |a 1. Introduction -- 2. OWASP A1: 2017 Injection -- 3. OWASP A2:2017 Broken authentication -- 4. OWASP A3:2017 Sensitive data exposure -- 5. OWASP A4:2017 XML external entities (XXE) -- 6. OWASP A5:2017 Broken access control -- 7. OWASP A6:2017 Security misconfiguration -- 8. OWASP A7:2017 Cross-site scripting (XSS) -- 9. OWASP A8:2017 Insecure deserialization -- 10. OWASP A9:2017 Using components with known vulnerabilities -- 11. OWASP A10:2017 Insufficient logging and monitoring -- 12. Beyond the OWASP top 10 -- 13. Testing as a consultant and adding value | |
| 520 | |a "This innovative new resource provides both professionals and aspiring professionals with clear guidance on how to identify and exploit common web application vulnerabilities. The book focuses on offensive security and how to attack web applications. It describes each of the Open Web Application Security Project (OWASP) top ten vulnerabilities, including broken authentication, cross-site scripting and insecure deserialization, and details how to identify and exploit each weakness. Readers learn to bridge the gap between high-risk vulnerabilities and exploiting flaws to get shell access. The book demonstrates how to work in a professional services space to produce quality and thorough testing results by detailing the requirements of providing a best-of-class penetration testing service. It offers insight into the problem of not knowing how to approach a web app pen test and the challenge of integrating a mature pen testing program into an organization. Based on the author's many years of first-hand experience, this book provides examples of how to break into user accounts, how to breach systems, and how to configure and wield penetration testing tools."--Publisher's description | ||
| 650 | 0 | |a Penetration testing (Computer security) |0 http://id.loc.gov/authorities/subjects/sh2011003137 | |
| 650 | 0 | |a Computer security. |0 http://id.loc.gov/authorities/subjects/sh90001862 | |
| 650 | 2 | |a Computer Security |0 https://id.nlm.nih.gov/mesh/D016494 | |
| 650 | 6 | |a Tests d'intrusion. | |
| 650 | 6 | |a Sécurité informatique. | |
| 650 | 7 | |a Computer security |2 fast | |
| 650 | 7 | |a Penetration testing (Computer security) |2 fast | |
| 653 | |a Computing & Information Technology | ||
| 653 | |a EDV und Informationstechnologie | ||
| 653 | |a Informatique et technologies de l'information | ||
| 653 | |a Computer security | ||
| 653 | |a Computersicherheit | ||
| 653 | |a Sécurité informatique | ||
| 758 | |i has work: |a The penetration tester's guide to web applications (Text) |1 https://id.oclc.org/worldcat/entity/E39PCG7rxWRwMX6MJVgcx6XbFq |4 https://id.oclc.org/worldcat/ontology/hasWork | ||
| 776 | 0 | 8 | |i Print version: |a Borso, Serge. |t Penetration tester's guide to web applications. |d Norwood, MA : Artech House, [2019] |z 1630816221 |w (OCoLC)1090280703 |
| 830 | 0 | |a Artech House information security and privacy series. |0 http://id.loc.gov/authorities/names/no2007048455 | |
| 830 | 0 | |a Artech House computer security series. |0 http://id.loc.gov/authorities/names/no00015115 | |
| 856 | 4 | 0 | |l FWS01 |p ZDB-4-EBA |q FWS_PDA_EBA |u https://search.ebscohost.com/login.aspx?direct=true&scope=site&db=nlebk&AN=2227829 |3 Volltext |
| 938 | |a Askews and Holts Library Services |b ASKH |n AH36598893 | ||
| 938 | |a ProQuest Ebook Central |b EBLB |n EBL5848443 | ||
| 938 | |a EBSCOhost |b EBSC |n 2227829 | ||
| 938 | |a IEEE |b IEEE |n 9098780 | ||
| 938 | |a YBP Library Services |b YANK |n 300759185 | ||
| 994 | |a 92 |b GEBAY | ||
| 912 | |a ZDB-4-EBA | ||
| 049 | |a DE-863 | ||
Datensatz im Suchindex
| DE-BY-FWS_katkey | ZDB-4-EBA-on1112088469 |
|---|---|
| _version_ | 1816882498415624192 |
| adam_text | |
| any_adam_object | |
| author | Borso, Serge |
| author_GND | http://id.loc.gov/authorities/names/no2019143649 |
| author_facet | Borso, Serge |
| author_role | aut |
| author_sort | Borso, Serge |
| author_variant | s b sb |
| building | Verbundindex |
| bvnumber | localFWS |
| callnumber-first | Q - Science |
| callnumber-label | QA76 |
| callnumber-raw | QA76.9.A25 B67 2019eb |
| callnumber-search | QA76.9.A25 B67 2019eb |
| callnumber-sort | QA 276.9 A25 B67 42019EB |
| callnumber-subject | QA - Mathematics |
| collection | ZDB-4-EBA |
| contents | 1. Introduction -- 2. OWASP A1: 2017 Injection -- 3. OWASP A2:2017 Broken authentication -- 4. OWASP A3:2017 Sensitive data exposure -- 5. OWASP A4:2017 XML external entities (XXE) -- 6. OWASP A5:2017 Broken access control -- 7. OWASP A6:2017 Security misconfiguration -- 8. OWASP A7:2017 Cross-site scripting (XSS) -- 9. OWASP A8:2017 Insecure deserialization -- 10. OWASP A9:2017 Using components with known vulnerabilities -- 11. OWASP A10:2017 Insufficient logging and monitoring -- 12. Beyond the OWASP top 10 -- 13. Testing as a consultant and adding value |
| ctrlnum | (OCoLC)1112088469 |
| dewey-full | 005.8 |
| dewey-hundreds | 000 - Computer science, information, general works |
| dewey-ones | 005 - Computer programming, programs, data, security |
| dewey-raw | 005.8 |
| dewey-search | 005.8 |
| dewey-sort | 15.8 |
| dewey-tens | 000 - Computer science, information, general works |
| discipline | Informatik |
| format | Electronic eBook |
| fullrecord | <?xml version="1.0" encoding="UTF-8"?><collection xmlns="http://www.loc.gov/MARC21/slim"><record><leader>04955cam a2200685 i 4500</leader><controlfield tag="001">ZDB-4-EBA-on1112088469</controlfield><controlfield tag="003">OCoLC</controlfield><controlfield tag="005">20241004212047.0</controlfield><controlfield tag="006">m o d </controlfield><controlfield tag="007">cr cnu---unuuu</controlfield><controlfield tag="008">190710t20192019maua o 001 0 eng d</controlfield><datafield tag="040" ind1=" " ind2=" "><subfield code="a">STF</subfield><subfield code="b">eng</subfield><subfield code="e">rda</subfield><subfield code="e">pn</subfield><subfield code="c">STF</subfield><subfield code="d">EBLCP</subfield><subfield code="d">GSU</subfield><subfield code="d">YDXIT</subfield><subfield code="d">OCLCF</subfield><subfield code="d">AU@</subfield><subfield code="d">OCLCQ</subfield><subfield code="d">YDX</subfield><subfield code="d">CUV</subfield><subfield code="d">UKAHL</subfield><subfield code="d">N$T</subfield><subfield code="d">OCLCQ</subfield><subfield code="d">IBI</subfield><subfield code="d">COO</subfield><subfield code="d">OCLCO</subfield><subfield code="d">IEEEE</subfield><subfield code="d">OCLCQ</subfield><subfield code="d">OCLCO</subfield><subfield code="d">OCLCQ</subfield><subfield code="d">OCLCO</subfield><subfield code="d">OCLCL</subfield></datafield><datafield tag="019" ind1=" " ind2=" "><subfield code="a">1114319521</subfield><subfield code="a">1142445910</subfield><subfield code="a">1162168464</subfield><subfield code="a">1388673637</subfield></datafield><datafield tag="020" ind1=" " ind2=" "><subfield code="a">9781630816247</subfield><subfield code="q">(electronic bk.)</subfield></datafield><datafield tag="020" ind1=" " ind2=" "><subfield code="a">1630816248</subfield><subfield code="q">(electronic book)</subfield></datafield><datafield tag="020" ind1=" " ind2=" "><subfield code="z">9781630816223</subfield></datafield><datafield tag="020" ind1=" " ind2=" "><subfield code="z">1630816221</subfield></datafield><datafield tag="035" ind1=" " ind2=" "><subfield code="a">(OCoLC)1112088469</subfield><subfield code="z">(OCoLC)1114319521</subfield><subfield code="z">(OCoLC)1142445910</subfield><subfield code="z">(OCoLC)1162168464</subfield><subfield code="z">(OCoLC)1388673637</subfield></datafield><datafield tag="050" ind1=" " ind2="4"><subfield code="a">QA76.9.A25</subfield><subfield code="b">B67 2019eb</subfield></datafield><datafield tag="072" ind1=" " ind2="0"><subfield code="a">COM053000</subfield></datafield><datafield tag="082" ind1="7" ind2=" "><subfield code="a">005.8</subfield><subfield code="2">23</subfield></datafield><datafield tag="049" ind1=" " ind2=" "><subfield code="a">MAIN</subfield></datafield><datafield tag="100" ind1="1" ind2=" "><subfield code="a">Borso, Serge,</subfield><subfield code="e">author.</subfield><subfield code="0">http://id.loc.gov/authorities/names/no2019143649</subfield></datafield><datafield tag="245" ind1="1" ind2="4"><subfield code="a">The penetration tester's guide to web applications /</subfield><subfield code="c">Serge Borso</subfield></datafield><datafield tag="264" ind1=" " ind2="1"><subfield code="a">Norwood, MA :</subfield><subfield code="b">Artech House,</subfield><subfield code="c">[2019]</subfield></datafield><datafield tag="264" ind1=" " ind2="4"><subfield code="c">©2019</subfield></datafield><datafield tag="300" ind1=" " ind2=" "><subfield code="a">1 online resource (xii, 201 pages) :</subfield><subfield code="b">illustrations</subfield></datafield><datafield tag="336" ind1=" " ind2=" "><subfield code="a">text</subfield><subfield code="b">txt</subfield><subfield code="2">rdacontent</subfield></datafield><datafield tag="337" ind1=" " ind2=" "><subfield code="a">computer</subfield><subfield code="b">c</subfield><subfield code="2">rdamedia</subfield></datafield><datafield tag="338" ind1=" " ind2=" "><subfield code="a">online resource</subfield><subfield code="b">cr</subfield><subfield code="2">rdacarrier</subfield></datafield><datafield tag="490" ind1="1" ind2=" "><subfield code="a">Information security and privacy series</subfield></datafield><datafield tag="490" ind1="1" ind2=" "><subfield code="a">Artech House computer security series</subfield></datafield><datafield tag="588" ind1="0" ind2=" "><subfield code="a">Online resource; title from digital title page (viewed on September 30, 2019)</subfield></datafield><datafield tag="500" ind1=" " ind2=" "><subfield code="a">Includes index</subfield></datafield><datafield tag="505" ind1="0" ind2=" "><subfield code="a">1. Introduction -- 2. OWASP A1: 2017 Injection -- 3. OWASP A2:2017 Broken authentication -- 4. OWASP A3:2017 Sensitive data exposure -- 5. OWASP A4:2017 XML external entities (XXE) -- 6. OWASP A5:2017 Broken access control -- 7. OWASP A6:2017 Security misconfiguration -- 8. OWASP A7:2017 Cross-site scripting (XSS) -- 9. OWASP A8:2017 Insecure deserialization -- 10. OWASP A9:2017 Using components with known vulnerabilities -- 11. OWASP A10:2017 Insufficient logging and monitoring -- 12. Beyond the OWASP top 10 -- 13. Testing as a consultant and adding value</subfield></datafield><datafield tag="520" ind1=" " ind2=" "><subfield code="a">"This innovative new resource provides both professionals and aspiring professionals with clear guidance on how to identify and exploit common web application vulnerabilities. The book focuses on offensive security and how to attack web applications. It describes each of the Open Web Application Security Project (OWASP) top ten vulnerabilities, including broken authentication, cross-site scripting and insecure deserialization, and details how to identify and exploit each weakness. Readers learn to bridge the gap between high-risk vulnerabilities and exploiting flaws to get shell access. The book demonstrates how to work in a professional services space to produce quality and thorough testing results by detailing the requirements of providing a best-of-class penetration testing service. It offers insight into the problem of not knowing how to approach a web app pen test and the challenge of integrating a mature pen testing program into an organization. Based on the author's many years of first-hand experience, this book provides examples of how to break into user accounts, how to breach systems, and how to configure and wield penetration testing tools."--Publisher's description</subfield></datafield><datafield tag="650" ind1=" " ind2="0"><subfield code="a">Penetration testing (Computer security)</subfield><subfield code="0">http://id.loc.gov/authorities/subjects/sh2011003137</subfield></datafield><datafield tag="650" ind1=" " ind2="0"><subfield code="a">Computer security.</subfield><subfield code="0">http://id.loc.gov/authorities/subjects/sh90001862</subfield></datafield><datafield tag="650" ind1=" " ind2="2"><subfield code="a">Computer Security</subfield><subfield code="0">https://id.nlm.nih.gov/mesh/D016494</subfield></datafield><datafield tag="650" ind1=" " ind2="6"><subfield code="a">Tests d'intrusion.</subfield></datafield><datafield tag="650" ind1=" " ind2="6"><subfield code="a">Sécurité informatique.</subfield></datafield><datafield tag="650" ind1=" " ind2="7"><subfield code="a">Computer security</subfield><subfield code="2">fast</subfield></datafield><datafield tag="650" ind1=" " ind2="7"><subfield code="a">Penetration testing (Computer security)</subfield><subfield code="2">fast</subfield></datafield><datafield tag="653" ind1=" " ind2=" "><subfield code="a">Computing & Information Technology</subfield></datafield><datafield tag="653" ind1=" " ind2=" "><subfield code="a">EDV und Informationstechnologie</subfield></datafield><datafield tag="653" ind1=" " ind2=" "><subfield code="a">Informatique et technologies de l'information</subfield></datafield><datafield tag="653" ind1=" " ind2=" "><subfield code="a">Computer security</subfield></datafield><datafield tag="653" ind1=" " ind2=" "><subfield code="a">Computersicherheit</subfield></datafield><datafield tag="653" ind1=" " ind2=" "><subfield code="a">Sécurité informatique</subfield></datafield><datafield tag="758" ind1=" " ind2=" "><subfield code="i">has work:</subfield><subfield code="a">The penetration tester's guide to web applications (Text)</subfield><subfield code="1">https://id.oclc.org/worldcat/entity/E39PCG7rxWRwMX6MJVgcx6XbFq</subfield><subfield code="4">https://id.oclc.org/worldcat/ontology/hasWork</subfield></datafield><datafield tag="776" ind1="0" ind2="8"><subfield code="i">Print version:</subfield><subfield code="a">Borso, Serge.</subfield><subfield code="t">Penetration tester's guide to web applications.</subfield><subfield code="d">Norwood, MA : Artech House, [2019]</subfield><subfield code="z">1630816221</subfield><subfield code="w">(OCoLC)1090280703</subfield></datafield><datafield tag="830" ind1=" " ind2="0"><subfield code="a">Artech House information security and privacy series.</subfield><subfield code="0">http://id.loc.gov/authorities/names/no2007048455</subfield></datafield><datafield tag="830" ind1=" " ind2="0"><subfield code="a">Artech House computer security series.</subfield><subfield code="0">http://id.loc.gov/authorities/names/no00015115</subfield></datafield><datafield tag="856" ind1="4" ind2="0"><subfield code="l">FWS01</subfield><subfield code="p">ZDB-4-EBA</subfield><subfield code="q">FWS_PDA_EBA</subfield><subfield code="u">https://search.ebscohost.com/login.aspx?direct=true&scope=site&db=nlebk&AN=2227829</subfield><subfield code="3">Volltext</subfield></datafield><datafield tag="938" ind1=" " ind2=" "><subfield code="a">Askews and Holts Library Services</subfield><subfield code="b">ASKH</subfield><subfield code="n">AH36598893</subfield></datafield><datafield tag="938" ind1=" " ind2=" "><subfield code="a">ProQuest Ebook Central</subfield><subfield code="b">EBLB</subfield><subfield code="n">EBL5848443</subfield></datafield><datafield tag="938" ind1=" " ind2=" "><subfield code="a">EBSCOhost</subfield><subfield code="b">EBSC</subfield><subfield code="n">2227829</subfield></datafield><datafield tag="938" ind1=" " ind2=" "><subfield code="a">IEEE</subfield><subfield code="b">IEEE</subfield><subfield code="n">9098780</subfield></datafield><datafield tag="938" ind1=" " ind2=" "><subfield code="a">YBP Library Services</subfield><subfield code="b">YANK</subfield><subfield code="n">300759185</subfield></datafield><datafield tag="994" ind1=" " ind2=" "><subfield code="a">92</subfield><subfield code="b">GEBAY</subfield></datafield><datafield tag="912" ind1=" " ind2=" "><subfield code="a">ZDB-4-EBA</subfield></datafield><datafield tag="049" ind1=" " ind2=" "><subfield code="a">DE-863</subfield></datafield></record></collection> |
| id | ZDB-4-EBA-on1112088469 |
| illustrated | Illustrated |
| indexdate | 2024-11-27T13:29:34Z |
| institution | BVB |
| isbn | 9781630816247 1630816248 |
| language | English |
| oclc_num | 1112088469 |
| open_access_boolean | |
| owner | MAIN DE-863 DE-BY-FWS |
| owner_facet | MAIN DE-863 DE-BY-FWS |
| physical | 1 online resource (xii, 201 pages) : illustrations |
| psigel | ZDB-4-EBA |
| publishDate | 2019 |
| publishDateSearch | 2019 |
| publishDateSort | 2019 |
| publisher | Artech House, |
| record_format | marc |
| series | Artech House information security and privacy series. Artech House computer security series. |
| series2 | Information security and privacy series Artech House computer security series |
| spelling | Borso, Serge, author. http://id.loc.gov/authorities/names/no2019143649 The penetration tester's guide to web applications / Serge Borso Norwood, MA : Artech House, [2019] ©2019 1 online resource (xii, 201 pages) : illustrations text txt rdacontent computer c rdamedia online resource cr rdacarrier Information security and privacy series Artech House computer security series Online resource; title from digital title page (viewed on September 30, 2019) Includes index 1. Introduction -- 2. OWASP A1: 2017 Injection -- 3. OWASP A2:2017 Broken authentication -- 4. OWASP A3:2017 Sensitive data exposure -- 5. OWASP A4:2017 XML external entities (XXE) -- 6. OWASP A5:2017 Broken access control -- 7. OWASP A6:2017 Security misconfiguration -- 8. OWASP A7:2017 Cross-site scripting (XSS) -- 9. OWASP A8:2017 Insecure deserialization -- 10. OWASP A9:2017 Using components with known vulnerabilities -- 11. OWASP A10:2017 Insufficient logging and monitoring -- 12. Beyond the OWASP top 10 -- 13. Testing as a consultant and adding value "This innovative new resource provides both professionals and aspiring professionals with clear guidance on how to identify and exploit common web application vulnerabilities. The book focuses on offensive security and how to attack web applications. It describes each of the Open Web Application Security Project (OWASP) top ten vulnerabilities, including broken authentication, cross-site scripting and insecure deserialization, and details how to identify and exploit each weakness. Readers learn to bridge the gap between high-risk vulnerabilities and exploiting flaws to get shell access. The book demonstrates how to work in a professional services space to produce quality and thorough testing results by detailing the requirements of providing a best-of-class penetration testing service. It offers insight into the problem of not knowing how to approach a web app pen test and the challenge of integrating a mature pen testing program into an organization. Based on the author's many years of first-hand experience, this book provides examples of how to break into user accounts, how to breach systems, and how to configure and wield penetration testing tools."--Publisher's description Penetration testing (Computer security) http://id.loc.gov/authorities/subjects/sh2011003137 Computer security. http://id.loc.gov/authorities/subjects/sh90001862 Computer Security https://id.nlm.nih.gov/mesh/D016494 Tests d'intrusion. Sécurité informatique. Computer security fast Penetration testing (Computer security) fast Computing & Information Technology EDV und Informationstechnologie Informatique et technologies de l'information Computer security Computersicherheit Sécurité informatique has work: The penetration tester's guide to web applications (Text) https://id.oclc.org/worldcat/entity/E39PCG7rxWRwMX6MJVgcx6XbFq https://id.oclc.org/worldcat/ontology/hasWork Print version: Borso, Serge. Penetration tester's guide to web applications. Norwood, MA : Artech House, [2019] 1630816221 (OCoLC)1090280703 Artech House information security and privacy series. http://id.loc.gov/authorities/names/no2007048455 Artech House computer security series. http://id.loc.gov/authorities/names/no00015115 FWS01 ZDB-4-EBA FWS_PDA_EBA https://search.ebscohost.com/login.aspx?direct=true&scope=site&db=nlebk&AN=2227829 Volltext |
| spellingShingle | Borso, Serge The penetration tester's guide to web applications / Artech House information security and privacy series. Artech House computer security series. 1. Introduction -- 2. OWASP A1: 2017 Injection -- 3. OWASP A2:2017 Broken authentication -- 4. OWASP A3:2017 Sensitive data exposure -- 5. OWASP A4:2017 XML external entities (XXE) -- 6. OWASP A5:2017 Broken access control -- 7. OWASP A6:2017 Security misconfiguration -- 8. OWASP A7:2017 Cross-site scripting (XSS) -- 9. OWASP A8:2017 Insecure deserialization -- 10. OWASP A9:2017 Using components with known vulnerabilities -- 11. OWASP A10:2017 Insufficient logging and monitoring -- 12. Beyond the OWASP top 10 -- 13. Testing as a consultant and adding value Penetration testing (Computer security) http://id.loc.gov/authorities/subjects/sh2011003137 Computer security. http://id.loc.gov/authorities/subjects/sh90001862 Computer Security https://id.nlm.nih.gov/mesh/D016494 Tests d'intrusion. Sécurité informatique. Computer security fast Penetration testing (Computer security) fast |
| subject_GND | http://id.loc.gov/authorities/subjects/sh2011003137 http://id.loc.gov/authorities/subjects/sh90001862 https://id.nlm.nih.gov/mesh/D016494 |
| title | The penetration tester's guide to web applications / |
| title_auth | The penetration tester's guide to web applications / |
| title_exact_search | The penetration tester's guide to web applications / |
| title_full | The penetration tester's guide to web applications / Serge Borso |
| title_fullStr | The penetration tester's guide to web applications / Serge Borso |
| title_full_unstemmed | The penetration tester's guide to web applications / Serge Borso |
| title_short | The penetration tester's guide to web applications / |
| title_sort | penetration tester s guide to web applications |
| topic | Penetration testing (Computer security) http://id.loc.gov/authorities/subjects/sh2011003137 Computer security. http://id.loc.gov/authorities/subjects/sh90001862 Computer Security https://id.nlm.nih.gov/mesh/D016494 Tests d'intrusion. Sécurité informatique. Computer security fast Penetration testing (Computer security) fast |
| topic_facet | Penetration testing (Computer security) Computer security. Computer Security Tests d'intrusion. Sécurité informatique. Computer security |
| url | https://search.ebscohost.com/login.aspx?direct=true&scope=site&db=nlebk&AN=2227829 |
| work_keys_str_mv | AT borsoserge thepenetrationtestersguidetowebapplications AT borsoserge penetrationtestersguidetowebapplications |