Introduction.

Chapter 1: Penetration Testing Web Applications.

Chapter 2: Web Applications: Some Basics.

Chapter 3: Discovery.

Chapter 4: Vulnerability Analysis.

Chapter 5: Attack Simulation Techniques and Tools: Web Server.

Chapter 6: Attack Simulation Techniques and Tools: Web Application.

Chapter 7: Attack Simulation Techniques and Tools: Known Exploits.

Chapter 8: Attack Simulation Techniques and Tools: Web Services.

Chapter 9: Documentation and Presentation.

Chapter 10: Remediation.

Chapter 11: Your Lab.

Appendix A: Basic SQL.

Appendix B: Basic LDAP.

Appendix C: XPath and XQuery.

Appendix D: Injection Attack Dictionaries.

Index.