Description

Book Synopsis

Defending your web applications against hackers and attackers

The top-selling book Web Application Hacker's Handbook showed how attackers and hackers identify and attack vulnerable live web applications. This new Web Application Defender's Cookbook is the perfect counterpoint to that book: it shows you how to defend. Authored by a highly credentialed defensive security expert, this new book details defensive security methods and can be used as courseware for training network security personnel, web server administrators, and security consultants.

Each recipe shows you a way to detect and defend against malicious behavior and provides working code examples for the ModSecurity web application firewall module. Topics include identifying vulnerabilities, setting hacker traps, defending different access points, enforcing application flows, and much more.

  • Provides practical tactics for detecting web attacks and malicious behavior an

    Trade Review
    For those that want to ensure their web sites are as secure as possible, their developers should certainly implement the delicious recipes in Web Application Defender's Cookbook. (RSA Conference, Jan 2013)

    Table of Contents

    Foreword xix

    Introduction xxiii

    I Preparing the Battle Space 1

    1 Application Fortification 7

    Recipe 1-1: Real-time Application Profiling 7

    Recipe 1-2: Preventing Data Manipulation with Cryptographic Hash Tokens 15

    Recipe 1-3: Installing the OWASP ModSecurity Core Rule Set (CRS) 19

    Recipe 1-4: Integrating Intrusion Detection System Signatures 33

    Recipe 1-5: Using Bayesian Attack Payload Detection 38

    Recipe 1-6: Enable Full HTTP Audit Logging 48

    Recipe 1-7: Logging Only Relevant Transactions 52

    Recipe 1-8: Ignoring Requests for Static Content 53

    Recipe 1-9: Obscuring Sensitive Data in Logs 54

    Recipe 1-10: Sending Alerts to a Central Log Host Using Syslog 58

    Recipe 1-11: Using the ModSecurity AuditConsole 60

    2 Vulnerability Identification and Remediation 67

    Recipe 2-1: Passive Vulnerability Identification 70

    Recipe 2-2: Active Vulnerability Identification 79

    Recipe 2-3: Manual Scan Result Conversion 88

    Recipe 2-4: Automated Scan Result Conversion 92

    Recipe 2-5: Real-time Resource Assessments and Virtual Patching 99

    3 Poisoned Pawns (Hacker Traps) 115

    Recipe 3-1: Adding Honeypot Ports 116

    Recipe 3-2: Adding Fake robots.txt Disallow Entries 118

    Recipe 3-3: Adding Fake HTML Comments 123

    Recipe 3-4: Adding Fake Hidden Form Fields 128

    Recipe 3-5: Adding Fake Cookies 131

    II Asymmetric Warfare 137

    4 Reputation and Third-Party Correlation 139

    Recipe 4-1: Analyzing the Client’s Geographic Location Data 141

    Recipe 4-2: Identifying Suspicious Open Proxy Usage 147

    Recipe 4-3: Utilizing Real-time Blacklist Lookups (RBL) 150

    Recipe 4-4: Running Your Own RBL 157

    Recipe 4-5: Detecting Malicious Links 160

    5 Request Data Analysis 171

    Recipe 5-1: Request Body Access 172

    Recipe 5-2: Identifying Malformed Request Bodies 178

    Recipe 5-3: Normalizing Unicode 182

    Recipe 5-4: Identifying Use of Multiple Encodings 186

    Recipe 5-5: Identifying Encoding Anomalies 189

    Recipe 5-6: Detecting Request Method Anomalies 193

    Recipe 5-7: Detecting Invalid URI Data 197

    Recipe 5-8: Detecting Request Header Anomalies 200

    Recipe 5-9: Detecting Additional Parameters 209

    Recipe 5-10: Detecting Missing Parameters 212

    Recipe 5-11: Detecting Duplicate Parameter Names 214

    Recipe 5-12: Detecting Parameter Payload Size Anomalies 216

    Recipe 5-13: Detecting Parameter Character Class Anomalies 219

    6 Response Data Analysis 223

    Recipe 6-1: Detecting Response Header Anomalies 224

    Recipe 6-2: Detecting Response Header Information Leakages 234

    Recipe 6-3: Response Body Access 238

    Recipe 6-4: Detecting Page Title Changes 240

    Recipe 6-5: Detecting Page Size Deviations 243

    Recipe 6-6: Detecting Dynamic Content Changes 246

    Recipe 6-7: Detecting Source Code Leakages 249

    Recipe 6-8: Detecting Technical Data Leakages 253

    Recipe 6-9: Detecting Abnormal Response Time Intervals 256

    Recipe 6-10: Detecting Sensitive User Data Leakages 259

    Recipe 6-11: Detecting Trojan, Backdoor, and Webshell Access Attempts 262

    7 Defending Authentication 265

    Recipe 7-1: Detecting the Submission of Common/Default Usernames 266

    Recipe 7-2: Detecting the Submission of Multiple Usernames 269

    Recipe 7-3: Detecting Failed Authentication Attempts 272

    Recipe 7-4: Detecting a High Rate of Authentication Attempts 274

    Recipe 7-5: Normalizing Authentication Failure Details 280

    Recipe 7-6: Enforcing Password Complexity 283

    Recipe 7-7: Correlating Usernames with SessionIDs 286

    8 Defending Session State 291

    Recipe 8-1: Detecting Invalid Cookies 291

    Recipe 8-2: Detecting Cookie Tampering 297

    Recipe 8-3: Enforcing Session Timeouts 302

    Recipe 8-4: Detecting Client Source Location Changes During Session Lifetime 307

    Recipe 8-5: Detecting Browser Fingerprint Changes During Sessions 314

    9 Preventing Application Attacks 323

    Recipe 9-1: Blocking Non-ASCII Characters 323

    Recipe 9-2: Preventing Path-Traversal Attacks 327

    Recipe 9-3: Preventing Forceful Browsing Attacks 330

    Recipe 9-4: Preventing SQL Injection Attacks 332

    Recipe 9-5: Preventing Remote File Inclusion (RFI) Attacks 336

    Recipe 9-6: Preventing OS Commanding Attacks 340

    Recipe 9-7: Preventing HTTP Request Smuggling Attacks 342

    Recipe 9-8: Preventing HTTP Response Splitting Attacks 345

    Recipe 9-9: Preventing XML Attacks 347

    10 Preventing Client Attacks 353

    Recipe 10-1: Implementing Content Security Policy (CSP) 353

    Recipe 10-2: Preventing Cross-Site Scripting (XSS) Attacks 362

    Recipe 10-3: Preventing Cross-Site Request Forgery (CSRF) Attacks 371

    Recipe 10-4: Preventing UI Redressing (Clickjacking) Attacks 377

    Recipe 10-5: Detecting Banking Trojan (Man-in-the-Browser) Attacks 381

    11 Defending File Uploads 387

    Recipe 11-1: Detecting Large File Sizes 387

    Recipe 11-2: Detecting a Large Number of Files 389

    Recipe 11-3: Inspecting File Attachments for Malware 390

    12 Enforcing Access Rate and Application Flows 395

    Recipe 12-1: Detecting High Application Access Rates 395

    Recipe 12-2: Detecting Request/Response Delay Attacks 405

    Recipe 12-3: Identifying Inter-Request Time Delay Anomalies 411

    Recipe 12-4: Identifying Request Flow Anomalies 413

    Recipe 12-5: Identifying a Significant Increase in Resource Usage 414

    III Tactical Response 419

    13 Passive Response Actions 421

    Recipe 13-1: Tracking Anomaly Scores 421

    Recipe 13-2: Trap and Trace Audit Logging 427

    Recipe 13-3: Issuing E-mail Alerts 428

    Recipe 13-4: Data Sharing with Request Header Tagging 436

    14 Active Response Actions 441

    Recipe 14-1: Using Redirection to Error Pages 442

    Recipe 14-2: Dropping Connections 445

    Recipe 14-3: Blocking the Client Source Address 447

    Recipe 14-4: Restricting Geolocation Access Through Defense Condition (DefCon) Level Changes 452

    Recipe 14-5: Forcing Transaction Delays 455

    Recipe 14-6: Spoofing Successful Attacks 462

    Recipe 14-7: Proxying Traffic to Honeypots 468

    Recipe 14-8: Forcing an Application Logout 471

    Recipe 14-9: Temporarily Locking Account Access 476

    15 Intrusive Response Actions 479

    Recipe 15-1: JavaScript Cookie Testing 479

    Recipe 15-2: Validating Users with CAPTCHA Testing 481

    Recipe 15-3: Hooking Malicious Clients with BeEF 485

    Index 495

Web Application Defenders Cookbook


    A Paperback by RC Barnett, Jeremiah Grossman



      Publisher: John Wiley & Sons
      Publication Date: 07/12/2012
      ISBN13: 9781118362181, 978-1118362181
