Hacking Exposed - Web Applications

Get in-depth coverage of Web application platforms and their vulnerabilities, presented in the same popular format as the international bestseller, Hacking Exposed. Covering hacking scenarios across different programming languages and depicting various types of attacks and countermeasures, this book offers you up-to-date and highly valuable insight into Web application security.
Softcover.
Defend against the latest Web-based attacks by looking at your Web applications through the eyes of a malicious intruder. Fully revised and updated to cover the latest Web exploitation techniques, Hacking Exposed Web Applications, Second Edition shows you, step-by-step, how cyber-criminals target vulnerable sites, gain access, steal critical data, and execute devastating attacks.
All of the cutting-edge threats and vulnerabilities are covered in full detail alongside real-world examples, case studies, and battle-tested countermeasures from the authors' experiences as gray hat security professionals.
- Find out how hackers use infrastructure and application profiling to perform reconnaissance and enter vulnerable systems
- Get details on exploits, evasion techniques, and countermeasures for the most popular Web platforms, including IIS, Apache, PHP, and ASP.NET
- Learn the strengths and weaknesses of common Web authentication mechanisms, including password-based, multifactor, and single sign-on mechanisms like Passport
- See how to excise the heart of any Web application's access controls through advanced session analysis, hijacking, and fixation techniques
- Find and fix input validation flaws, including cross-site scripting (XSS), SQL injection, HTTP response splitting, encoding, and special character abuse
- Get an in-depth presentation of the newest SQL injection techniques, including blind attacks, advanced exploitation through subqueries, Oracle exploits, and improved countermeasures
- Learn about the latest XML Web Services hacks, Web management attacks, and DDoS attacks, including click fraud
- Tour Firefox and IE exploits, as well as the newest socially-driven client attacks like phishing and adware
TABLE OF CONTENTS:
chapter 01 - Introduction to Web application And Security
chapter 02 - Profiling
chapter 03 - Hacking Web Servers
chapter 04 - Surveying The Application
chapter 05 - Authentication
chapter 06 - Authorization
chapter 07 - Attacking Session State Management
chapter 08 - Input Validation Attacks
chapter 09 - Attacking Web Datastores
chapter 10 - Attacking Web Services
chapter 11 - Hacking Web Application Management
chapter 12 - Web Clients Hacking
chapter 13 - Case Studies
Appendix A - Web Site Security Checklist
Appendix B - Web Hacking Tools And Techniques Cribsheet
Appendix C - Using Libwhisker
Appendix D - UrlScan Installation And Configuration
Appendix E - About the Companion Web Sites

September 23rd, 2007 14:08
fresh link: http://rapidshare.com/files/57450734/haexweapp.rar (password:ganelon)
November 18th, 2007 04:25
The fresh link above is for the 1st edition dated 2002 of this book. Please could you repost the second edition?
February 10th, 2008 09:54
Please could you repost the second edition? thank you