Subscription

Explore Products

Best Sellers

New Releases

Books

Videos

Audiobooks

Learning Hub

Conferences

Free Learning

You're reading from Jenkins 2.x Continuous Integration Cookbook Over 90 recipes to produce great results using pro-level practices, techniques, and solutions

Product type Paperback

Published in Oct 2017

Publisher Packt

ISBN-13 9781788297943

Length 438 pages

Edition 3rd Edition

Languages

Java

Tools

Jenkins

Concepts

Continuous Integration

Authors (2):

Alan Mark Berg

Mitesh Soni

View More author details

Table of Contents (11) Chapters

Preface

1. Getting Started with Jenkins FREE CHAPTER

2. Management and Monitoring of Jenkins

3. Managing Security

4. Improving Code Quality

5. Building Applications in Jenkins

6. Continuous Delivery

7. Continuous Testing

8. Orchestration

9. Jenkins UI Customization

10. Processes that Improve Quality

Finding 500 errors and XSS attacks in Jenkins through fuzzing

This recipe describes using a fuzzer to find server-side errors and XSS attacks in your Jenkins servers.

A fuzzer goes through a series of URLs, appends different parameters blindly, and checks the server's response. The inputted parameters are variations on scripting commands, such as <script>alert("random string");</script>. An attack vector is found if the server's response includes the unescaped version of the script.

Cross-site scripting attacks are currently one of the more popular forms of attack (http://en.wikipedia.org/wiki/Cross-site_scripting). The attack involves injecting script fragments into the client's browser so that the script runs as if it comes from a trusted website. For example, once you have logged in to an application, it is probable that your session ID...

The rest of the chapter is locked

A free Packt account unlocks extra newsletters, articles, discounted offers, and much more. Start advancing your knowledge today.

Unlock this book and the full library FREE for 7 days

Get unlimited access to 7000+ expert-authored eBooks and videos courses covering every tech area you can think of

Start free trial

Renews at $19.99/month. Cancel anytime

Authors (2)

Mitesh Soni

Mitesh Soni has 8 years of experience in managing software for GNU/Linux and other UNIX-like operating systems in production environment. He started working as a professional with DevOps from 2013 and has worked on several live projects related to DevOps. https://www.linkedin.com/in/alessiogarofalo

See other products by Mitesh Soni

Berg

Alan Mark Berg, BSc, MSc, PGCE, has been the lead developer at Central Computer Services at the University of Amsterdam since 1998. He is currently working in an Innovation Work Group that accelerates the creation of new and exciting services. In his famously scarce spare time, he writes. Alan has a bachelor's degree, two master's degrees, a teaching qualification, and quality assurance certifications. He has also coauthored two Packt Publishing books about Sakai , a highly successful open source learning management platform used by millions of students around the world. He has won a couple of awards, including the Sakai Fellowship and Teaching With Sakai Innovation Award (TWSIA). Alan enjoys working with talent; this forces him to improve his own competencies. This motivation is why Alan enjoys working in energetic, open source communities of interest. At the time of writing, he is on the board of directors of the Apereo Foundation and is the community officer for its Learning Analytics Initiative.In previous incarnations, Alan was a QA director, a technical writer, an Internet/Linux course writer, a product line development officer, and a teacher. He likes to get his hands dirty with building, gluing systems, exploring data, and turning it into actionable information. He remains agile by ruining various development and acceptance environments and generally rampaging through the green fields of technological opportunity.

See other products by Berg