Foreword - The Basics of Web Hacking: Tools and Techniques to Attack the Web (2013)

The Basics of Web Hacking: Tools and Techniques to Attack the Web (2013)

Foreword

The World Wide Web is a huge and expanding mass of application code. The majority of businesses, governments, and other organizations are now on the web, exposing their systems and data to the world via custom application functionality. With today’s development frameworks, it is easier than ever to create a functional web application without knowing or doing anything about security. With today’s technologies, that application is likely to be far more complex than those that have come before. Evolving technologies bring with them more attack surface and new types of attack. Meanwhile, old vulnerabilities live on and are reintroduced into new applications by each generation of coders.

In the recent past, numerous high-profile organizations have been compromised via their web applications. Though their PR departments may claim they were victims of highly sophisticated hackers, in reality the majority of these attacks have exploited simple vulnerabilities that have been well understood for years. Smaller companies that don’t feel under the spotlight may actually be even more exposed. And many who are compromised never know about it.

Clearly, the subject of web application security is more critical today than ever before. There is a significant need for more people to understand web application attacks, both on the offensive side (to test existing applications for flaws) and on the defensive side (to develop more robust code in the first place). If you’re completely new to web hacking, this book will get you started. Assuming no existing knowledge, it will teach you the basic tools and techniques you need to find and exploit numerous vulnerabilities in today’s applications. If your job is to build or defend web applications, it will open your eyes to the attacks that your own applications are probably still vulnerable to and teach you how to prevent them from happening.

Dafydd Stuttard

Creator of Burp Suite

Coauthor of The Web Application Hacker’s Handbook