Web applications occupy a large space within the IT infrastructure of a business or a corporation. They simply just don’t touch a front end or a back end; today’s web apps impact just about every corner of it. Today’s web apps have become complex, which has made them a prime target for sophisticated cyberattacks. As a result, web apps must be literally tested from the inside and out in terms of security before they can be deployed and launched to the public for business transactions to occur. The primary objective of this book is to address those specific areas that require testing before a web app can be considered to be completely secure. The book specifically examines five key areas: Network security: This encompasses the various network components that are involved in order for the end user to access the particular web app from the server where it is stored at to where it is being transmitted to, whether it is a physical computer itself or a wireless device (such as a smartphone). Cryptography: This area includes not only securing the lines of network communications between the server upon which the web app is stored at and from where it is accessed from but also ensuring that all personally identifiable information (PII) that is stored remains in a ciphertext format and that its integrity remains intact while in transmission. Penetration testing: This involves literally breaking apart a Web app from the external environment and going inside of it, in order to discover all weaknesses and vulnerabilities and making sure that they are patched before the actual Web app is launched into a production state of operation. Threat hunting: This uses both skilled analysts and tools on the Web app and supporting infrastructure to continuously monitor the environment to find all security holes and gaps. The Dark Web: This is that part of the Internet that is not openly visible to the public. As its name implies, this is the "sinister" part of the Internet, and in fact, where much of the PII that is hijacked from a web app cyberattack is sold to other cyberattackers in order to launch more covert and damaging threats to a potential victim. Testing and Securing Web Applications breaks down the complexity of web application security testing so this critical part of IT and corporate infrastructure remains safe and in operation. This book is about how to test Web based applications so that customers know that they are very safe to access them, and that their information and data will not fall into the hands of a malicious third party. The only way that this can be accomplished is with thorough security testing. Cover 1 Half Title 2 Title Page 4 Copyright Page 5 Dedication 6 Contents 8 Acknowledgments 14 About the Authors 16 1. Network Security 18 Introduction 18 A Chronological History of the Internet 22 The Evolution of Web Applications 24 The Fundamentals of Network Security – The OSI Model 30 The OSI Model 30 What Is the Significance of the OSI Model to Network Security? 32 The Classification of Threats to the OSI Model 32 The Most Probable Attacks 34 Assessing a Threat to a Web Application 35 Network Security Terminology 36 The Types of Network Security Topologies Best Suited for Web Applications 37 The Types of Attack That Can Take Place against Web Applications 38 How to Protect Web Applications from DDoS Attacks 44 Defending against Buffer Overflow Attacks 45 Defending against IP Spoofing Attacks 45 Defending against Session Hijacking 47 Defending Virus and Trojan Horse Attacks 48 Viruses 48 How a Virus Spreads Itself 48 The Different Types of Viruses 48 Defending Web Applications at a Deeper Level 50 The Firewall 50 Types of Firewalls 51 Blacklisting and Whitelisting 53 How to Properly Implement a Firewall to Safeguard the Web Application 54 The Use of Intrusion Detection Systems 56 Understanding What a Network Intrusion Detection System Is 56 Preemptive Blocking 57 Anomaly Detection 59 Important NIDS Processes and Subcomponents 60 The Use of VPNs to Protect a Web Application Server 61 The Basics of VPN Technology 62 The Virtual Private Network Protocols that are Used to Secure a Web Application Server 63 How PPTP Sessions are Authenticated 63 How Layer 2 Tunneling Protocol (L2TP) Sessions are Authenticated 64 How Password Authentication Protocol (PAP) Sessions are Authenticated 65 How Shiva Password Authentication Protocol (SPAP)Sessions are Authenticated 65 How Kerberos Protocol Sessions are Authenticated 66 How IPSec Protocol Sessions are Authenticated 68 How SSL Protocol Sessions are Authenticated 69 How to Assess the Current State of Security of a Web Application Server 70 Important Risk Assessment Methodologies and How They Relate to Web Application Security 71 Single Loss Expectancy (SLE) 71 The Annualized Loss Expectancy (ALE) 71 The Residual Risk 71 How to Evaluate the Security Risk that is Posed to the Web Application and its Server 72 How to Conduct the Initial Security Assessment on the Web Application 73 Techniques Used by Cyberattackers against the Web Application and Web Application Server 76 The Techniques Used by the Cyberhacker 77 Techniques Used by the Cyberattacker 80 Network Security and Its Relevance for Web Apps 82 Data Confidentiality 82 Common Technical Layouts for Modern Web App Infrastructure 83 Encrypting Data in Flight 86 TLS 86 Certificate 89 Setting Up the Session 90 Finishing the Handshake 91 Site Validity 92 Proving Your Web App Is What It Says It Is 92 Testing Your Web App’s Confidentiality and Trust 94 What Kind of Trust? 94 Spoofing and Related Concerns 96 Conclusion 99 Resources 99 References 99 2. Cryptography 100 An Introduction to Cryptography 101 Message Scrambling and Descrambling 102 Encryption and Decryption 103 Ciphertexts 103 Symmetric Key Systems and Asymmetric Key Systems 104 The Caesar Methodology 104 Types of Cryptographic Attacks 105 Polyalphabetic Encryption 105 Block Ciphers 106 Initialization Vectors 107 Cipher Block Chaining 107 Disadvantages of Symmetric Key Cryptography 108 The Key Distribution Center 109 Mathematical Algorithms with Symmetric Cryptography 110 The Hashing Function 111 Asymmetric Key Cryptography 112 Public Keys and Public Private Keys 112 The Differences Between Asymmetric and Symmetric Cryptography 113 The Disadvantages of Asymmetric Cryptography 114 The Mathematical Algorithms of Asymmetric Cryptography 115 The Public Key Infrastructure 116 The Digital Certificates 117 How the Public Key Infrastructure Works 118 Public Key Infrastructure Policies and Rules 118 The LDAP Protocol 119 The Public Cryptography Standards 120 Parameters of Public Keys and Private Keys 121 How Many Servers? 122 Security Policies 122 Securing the Public Keys and the Private Keys 123 Message Digests and Hashes 123 Security Vulnerabilities of Hashes 123 A Technical Review of Cryptography 124 The Digital Encryption Standard 124 The Internal Structure of the DES 126 The Initial and Final Permutations 126 The f-Function 126 The Key Schedule 127 The Decryption Process of the DES Algorithm 128 The Reversed Key Schedule 128 The Decryption in the Feistel Network 128 The Security of the DES 130 The Advanced Encryption Standard 130 The Mathematics behind the DES Algorithm 131 The Internal Structure of the AES Algorithm 134 Decryption of the AES Algorithm 137 Asymmetric and Public Key Cryptography 138 The Mathematics behind Asymmetric Cryptography 141 The RSA Algorithm 142 The Use of Fast Exponentiation in the RSA Algorithm 144 The Use of Fast Encryption with Shorter Public Key Exponentiation 145 The Chinese Remainder Theorem (CRT) 145 How to Find Large Prime Integers for the RSA Algorithm 146 The Use of Padding in the RSA Algorithm 148 Specific Cyberattacks on the RSA Algorithm 149 The Digital Signature Algorithm 150 Digital Signature Computation and Verification Process for the DSA 151 The Prime Number Generation Process in the DSA 152 Security Issues with the DSA 152 The Elliptic Curve Digital Signature Algorithm 153 The Generation of the Public Key and the Private Key Using the ECDSA Algorithm 153 The Signature and the Verification Process of the ECDSA Algorithm 154 The Use of Hash Functions 155 The Security Requirements of Hash Functions 156 A Technical Overview of Hash Function Algorithms 159 Block Cipher–Based Hash Functions 160 Technical Details of the Secure Hash Algorithm SHA-1 161 Key Distribution Centers 163 The Public Key Infrastructure and Certificate Authority 165 Resources 166 3. Penetration Testing 168 Introduction 168 Peeling the Onion 169 True Stories 169 External Testing: Auxiliary System Vulnerabilities 169 Internal Testing 170 Report Narrative 171 Report Narrative 171 Web Application Testing 172 SSID Testing 175 Types of Penetration Tests 176 Definitions of Low, Medium, High, and Critical Findings in Penetration Testing 177 Compliances and Frameworks: Pen Testing Required 178 OWASP and OWASP Top Ten 179 OWASP Top Ten with Commentary 179 Tools of the Trade 181 Pen Test Methodology 184 Penetration Test Checklist for External IPs and Web Applications 184 Chapter Takeaways 189 Resources 191 4. Threat Hunting 192 Not-So-Tall Tales 193 Nation-State Bad Actors: China and Iran 198 Threat Hunting Methods 199 MITRE ATT&CK 200 Technology Tools 200 The SIEM 200 EDR 201 EDR + SIEM 202 IDS 202 When 1 + 1 + 1 = 1: The Visibility Window 202 Threat Hunting Process or Model 203 On Becoming a Threat Hunter 205 Threat Hunting Conclusions 206 Resources 206 5. Conclusions 208 Index 216 Network,Security;,Cryptography;,Penetration,Testing;,Threat,Hunting;,Conclusions Network Security,Cryptography,Penetration Testing,Threat Hunting,Conclusions Web Applications Occupy A Large Space Within The It Infrastructure Of A Business Or A Corporation. They Simply Just Don't Touch A Front End Or A Back End; Today's Web Apps Impact Just About Every Corner Of It. Today's Web Apps Have Become Complex, Which Has Thus Made Them A Prime Target For Sophisticated Cyberattacks. As A Result, Web Apps Must Be Literally Tested From The Inside And Out In Terms Of Security Before They Can Be Deployed And Launched To The Public For Business Transactions To Occur. The Primary Objective Of This Book Is To Address Those Specific Areas That Require Testing Before A Web App Can Be Considered 100% Secure. The Book Specifically Examines Five Key Areas: Network Security: This Encompasses The Various Network Components That Are Involved In Order For The End User To Access The Particular Web App From The Server Where It Is Stored At To Where It Is Being Transmitted To, Whether It Is A Physical Computer Itself Or A Wireless Device (such As A Smartphone). Cryptography: This Area Includes Not Only Securing The Lines Of Network Communications Between The Server Upon Which The Web App Is Stored At And From Where It Is Accessed From, But Also Ensuring That All Personally Identifiable Information (pii) That Is Stored Remains In A Ciphertext Format And That Its Integrity Remains Intact While In Transmission. Penetration Testing: This Is Involves Literally Breaking Apart A Web App From The External Environment And Going Inside Of It, In Order To Discover All Weaknesses And Vulnerabilities And Making Sure That They Are Patched Before The Actual Web App Is Launched Into A Production State Of Operation. Threat Hunting: This Is Virtually The Same As Penetration Testing, But Instead This Involves Completely Breaking Down A Web App From The Internal Environment To The External One, In Order To Discover All Security Holes And Gaps. The Dark Web: This Is That Part Of The Internet That Is Not Openly Visible To The Public. As Its Name Implies, This Is The Sinister Part Of The Internet, And In Fact, Where Much Of The Pii That Is Hijacked From A Web App Cyberattack Is Sold To Other Cyberattackers In Order To Launch More Covert And Damaging Threats To A Potential Victim. Testing And Securing Web Applications Breaks Down The Complexity Of Web Application Security Testing So This Critical Part Of It And Corporate Infrastructure Remains Safe And In Operation. "Web applications occupy a large space within the IT infrastructure of a business or a corporation. They simply just don’t touch a front end or a back end; today’s web apps impact just about every corner of it. Today’s web apps have become complex, which has made them a prime target for sophisticated cyberattacks. As a result, web apps must be literally tested from the inside and out in terms of security before they can be deployed and launched to the public for business transactions to occur. The primary objective of this book is to address those specific areas that require testing before a web app can be considered to be completely secure. The book specifically examines five key areas: network security, cryptography, penetration testing, threat hunting, and the dark web. Testing and Securing Web Applications breaks down the complexity of web application security testing so this critical part of IT and corporate infrastructure remains safe and in operation"-- Provided by publisher