You're reading from Mastering Defensive Security Effective techniques to secure your Windows, Linux, IoT, and cloud infrastructure

Product type Paperback

Published in Jan 2022

Publisher Packt

ISBN-13 9781800208162

Length 528 pages

Edition 1st Edition

Languages

SQL

Tools

Kali Linux

Concepts

Cybersecurity

Author (1):

Cesar Bravo

View More author details

Table of Contents (23) Chapters

Preface

1. Section 1: Mastering Defensive Security Concepts

2. Chapter 1: A Refresher on Defensive Security Concepts FREE CHAPTER

3. Chapter 2: Managing Threats, Vulnerabilities, and Risks

4. Chapter 3: Comprehending Policies, Procedures, Compliance, and Audits

5. Chapter 4: Patching Layer 8

6. Chapter 5: Cybersecurity Technologies and Tools

7. Section 2: Applying Defensive Security

8. Chapter 6: Securing Windows Infrastructures

9. Chapter 7: Hardening a Unix Server

10. Chapter 8: Enhancing Your Network Defensive Skills

11. Chapter 9: Deep Diving into Physical Security

12. Chapter 10: Applying IoT Security

13. Chapter 11: Secure Development and Deployment on the Cloud

14. Chapter 12: Mastering Web App Security

15. Section 3: Deep Dive into Defensive Security

16. Chapter 13: Vulnerability Assessment Tools

17. Chapter 14: Malware Analysis

18. Chapter 15: Leveraging Pentesting for Defensive Security

19. Chapter 16: Practicing Forensics

20. Chapter 17: Achieving Automation of Security Tools

21. Chapter 18: The Master's Compilation of Useful Resources

22. Other Books You May Enjoy

Overviewing the most common attacks on web applications

Now is the time to talk about the most common attacks against web applications that you may face and, of course, all the methods, techniques, and tools that you can use to protect your systems against them.

Exploring XSS attacks

The logic behind this type of attack is very simple: to leverage some JavaScript or HTML to execute some code on your web application.

To better understand these types of attacks, let's look at one of the most common types of XSS attacks: the hijacking of user sessions.

Hijacking a user session

Here, the attacker will try to inject malicious code into a web application that can be used to exfiltrate the session cookie that will be used to impersonate the victim.

To better illustrate this attack, let's see an example based on a web application used to rent houses, as follows:

The attacker will log in to the vulnerable site and create an entry to advertise the renting...

The rest of the chapter is locked

You're reading from Mastering Defensive Security Effective techniques to secure your Windows, Linux, IoT, and cloud infrastructure

Table of Contents (23) Chapters

Overviewing the most common attacks on web applications

Exploring XSS attacks

Hijacking a user session

Authors (1)

Personalised recommendations for you

You're reading from Mastering Defensive Security Effective techniques to secure your Windows, Linux, IoT, and cloud infrastructure

Table of Contents (23) Chapters

Overviewing the most common attacks on web applications

Exploring XSS attacks

Hijacking a user session

Unlock this book and the full library FREE for 7 days

Authors (1)

Personalised recommendations for you