Seven Deadliest Web Application Attacks


  • Mike Shema, Web Application Security Solutions, Qualys, Inc.

Seven Deadliest Wireless Technologies Attacks draws attention to the vagaries of Web security by discussing the seven deadliest vulnerabilities exploited by attackers. Each chapter presents examples of different attacks conducted against Web sites. The methodology behind the attack is explored, showing its potential impact. Then, the chapter moves on to address possible countermeasures for different aspects of the attack. The book consists of seven chapters that cover the following: the most pervasive and easily exploited vulnerabilities in Web sites and Web browsers; Structured Query Language (SQL) injection attacks; mistakes of server administrators that expose the Web site to attack; brute force attacks; and logic attacks. The ways in which malicious software malware has been growing as a threat on the Web are also discussed. This book is intended for anyone who uses the Web to check e-mail, shop, or work. Web application developers and security professionals will benefit from the technical details and methodology behind the Web attacks covered in this book. Executive level management will benefit from understanding the threats to a Web site, and in many cases, how a simple attack requiring nothing more than a Web browser can severely impact a site.
View full description


Information security professionals of all levels; web application developers; recreational hackers


Book information

  • Published: March 2010
  • Imprint: SYNGRESS
  • ISBN: 978-1-59749-543-1


"Author Mike Shema explains potential vulnerabilities and offers case studies based on actual attacks, looking at the topic from a forensic perspective to devise proper preventive measures. This is where the series will endear itself to Web application developers and to security professionals in particular…. This set of books assumes some basic familiarity with the Web. It should, however, appeal to all security professionals, from top-level executives and IT experts to the lowest rung of managers."--Security Management

"For the reader engaged in professional testing of this type the explanation of the issues and mitigation strategies will provide an ideal starting point for educating and advising clients.… For any reader looking for a sound basic introduction to web application security testing without wanting to spend too much this book can be recommended as an ideal place to start."--BCS British Computer Society

Table of Contents

About the Authors


Chapter 1 Cross-Site Scripting

    Understanding HTML Injection

         Identifying Points of Injection

         Distinguishing Different Delivery Vectors

         Handling Character Sets Safely

         Not Failing Secure

         Avoiding Blacklisted Characters Altogether

         Dealing with Browser Quirks

         The Unusual Suspects

    Employing Countermeasures

         Fixing a Static Character Set

         Normalizing Character Sets and Encoding

         Encoding the Output

         Beware of Exclusion Lists and Regexes

         Reuse, Don’t Reimplement, Code

         JavaScript Sandboxes


Chapter 2 Cross-Site Request Forgery

    Understanding Cross-Site Request Forgery

         Request Forgery via Forced Browsing

         Attacking Authenticated Actions without Passwords

         Dangerous Liaison: CSRF and XSS

         Beyond GET

         Be Wary of the Tangled Web

         Variation on a Theme: Clickjacking

    Employing Countermeasures

         Defending the Web Application

         Defending the Web Browser


Chapter 3 Structured Query Language Injection

    Understanding SQL Injection

         Breaking the Query

         Vivisecting the Database

         Alternate Attack Vectors

    Employing Countermeasures

         Validating Input

         Securing the Query

         Protecting Information

         Stay Current with Database Patches


Chapter 4 Server Misconfiguration and Predictable Pages

    Understanding the Attacks

         Identifying Insecure Design Patterns

         Targeting the Operating System

         Attacking the Server

    Employing Countermeasures

         Restricting File Access

         Using Object References

         Blacklisting Insecure Functions

         Enforcing Authorization

         Restricting Network Connections


Chapter 5 Breaking Authentication Schemes

    Understanding Authentication Attacks

         Replaying the Session Token

         Brute Force


         Resetting Passwords

         Cross-Site Scripting

         SQL Injection

         Gulls and Gullibility

    Employing Countermeasures

         Protect Session Cookies

         Engage the User

         Annoy the User

         Request Throttling

         Logging and Triangulation

         Use Alternate Authentication Schemes

         Defeating Phishing

         Protecting Passwords


Chapter 6 Logic Attacks

    Understanding Logic Attacks

         Abusing Workflows

         Exploit Policies and Practices


         Denial of Service

         Insecure Design Patterns

         Information Sieves

    Employing Countermeasures

         Documenting Requirements

         Creating Robust Test Cases

         Mapping Policies to Controls

         Defensive Programming

         Verifying the Client


Chapter 7 Web of Distrust

    Understanding Malware and Browser Attacks


         Plugging into Browser Plug-ins

         Domain Name System and Origins


    Employing Countermeasures

         Safer Browsing

         Isolating the Browser

         DNS Security Extensions