wahh_extras
The Web Application Hacker's Handbook - Extra Content
For all of you who have read "The web application hacker's handbook vol2", there are several references to extras, questions, source code that are not easy to found. I've collected all in this repository.
TOC
- Web applications pentesting
- Book Index
- Answers
- Chapter 2 – Core Defense Mechanisms
- Chapter 3 – Web Application Technologies
- Chapter 4 – Mapping the Application
- Chapter 5 – Bypassing Client-Side Controls
- Chapter 6 – Attacking Authentication
- Chapter 7 – Attacking Session Management
- Chapter 8 – Attacking Access Controls
- Chapter 9 – Attacking Data Stores
- Chapter 10 – Attacking Back-End Components
- Chapter 11 – Attacking Application Logic
- Chapter 12 – Attacking Users: Cross-Site Scripting
- Chapter 13 – Attacking Users: Other Techniques
- Chapter 14 – Automating Customized Attacks
- Chapter 15 – Exploiting Information Disclosure
- Chapter 16 – Attacking Native Compiled Applications
- Chapter 17 – Attacking Application Architecture
- Chapter 18 – Attacking the Application Server
- Chapter 19 – Finding Vulnerabilities in Source Code
- Source Code
- Chapter 14
- Tools
- Proxy / spider tool suites
- Browser extensions (Firefox)
- Browser extensions (Internet Explorer)
- Java
- ActiveX
- Flash
- Vulnerability scanners
- Miscellaneous
- Web Applicattion attack checklist
- Recon and analysis
- Test handling of access
- Test handling of input
- Test application logic
- Assess application hosting
- Miscellaneous tests