Seven Deadliest Web Application Attacks by Mike Shema

Chapter 6. Logic Attacks

Information in this Chapter

  • Understanding Logic Attacks
  • Employing Countermeasures

How does the site work? This isn't an existential investigation into the Web application, but a technical one into the inner workings of policies and controls that enforce its security. Sites run into technical faults such as cross-site scripting (XSS) and SQL injection when developers fail to validate data coming from the Web browser or assume a misplaced level of trust in the user. Logic-based attacks work differently. There is still a malicious user on the other end of the HTTP connection, but this time, the attacker is searching for errors in workflows or trying to skip the straight line from point A to point B by making requests ...
