
Hacksplaining is now a book! Hacksplaining has partnered with No Starch Press to put all your essential web security knowledge into dead-tree form.
Web Security for Developers will teach you how your websites are vulnerable to attack and how to protect them. Each chapter breaks down a major security vulnerability and explores a real-world attack, coupled with plenty of code to show you both the vulnerability and the fix. You’ll learn how to:
- Protect against SQL injection attacks, malicious JavaScript, and cross-site request forgery
- Add authentication and shape access control to protect accounts
- Lock down user accounts to prevent attacks that rely on guessing passwords, stealing sessions, or escalating privileges
- Implement encryption
- Manage vulnerabilities in legacy code
- Prevent information leaks that disclose vulnerabilities
- Mitigate advanced attacks like malvertising and denial-of-service
What's in the Book
- Introduction
- Chapter 1: Let’s Hack a Website
Part I: The Basics
- Chapter 2: How the Internet Works
- Chapter 3: How Browsers Work
- Chapter 4: How Web Servers Work
- Chapter 5: How Programmers Work
- Chapter 6: Injection Attacks
Part II: The Threats
- Chapter 7: Cross-Site Scripting Attacks
- Chapter 8: Cross-Site Request Forgery Attacks
- Chapter 9: Compromising Authentication
- Chapter 10: Session Hijacking
- Chapter 11: Permissions
- Chapter 12: Information Leaks
- Chapter 13: Encryption
- Chapter 14: Third-party Code
- Chapter 15: XML Attacks
- Chapter 16: Don't Be an Accessory
- Chapter 17: Denial-of-Service Attacks
- Chapter 18: Summing Up
- Index
Product Details
Published: June 2020
Pages: 216
ISBN-13: 9781593279943