Hacking Exposed Web 2.0 / Edition 1

Hacking Exposed Web 2.0 / Edition 1

by Rich Cannings, Himanshu Dwivedi, Zane Lackey
     
 

ISBN-10: 0071494618

ISBN-13: 9780071494618

Pub. Date: 12/17/2007

Publisher: McGraw-Hill Professional Publishing

Lock down next-generation Web services

"This book concisely identifies the types of attacks which are faced daily by Web 2.0 sites, and the authors give solid, practical advice on how to identify and mitigate these threats." —Max Kelly, CISSP, CIPP, CFCE, Senior Director of Security, Facebook

Protect your Web 2.0 architecture against the latest

Overview

Lock down next-generation Web services

"This book concisely identifies the types of attacks which are faced daily by Web 2.0 sites, and the authors give solid, practical advice on how to identify and mitigate these threats." —Max Kelly, CISSP, CIPP, CFCE, Senior Director of Security, Facebook

Protect your Web 2.0 architecture against the latest wave of cybercrime using expert tactics from Internet security professionals. Hacking Exposed Web 2.0 shows how hackers perform reconnaissance, choose their entry point, and attack Web 2.0-based services, and reveals detailed countermeasures and defense techniques. You'll learn how to avoid injection and buffer overflow attacks, fix browser and plug-in flaws, and secure AJAX, Flash, and XML-driven applications. Real-world case studies illustrate social networking site weaknesses, cross-site attack methods, migration vulnerabilities, and IE7 shortcomings.

  • Plug security holes in Web 2.0 implementations the proven Hacking Exposed way
  • Learn how hackers target and abuse vulnerable Web 2.0 applications, browsers, plug-ins, online databases, user inputs, and HTML forms
  • Prevent Web 2.0-based SQL, XPath, XQuery, LDAP, and command injection attacks
  • Circumvent XXE, directory traversal, and buffer overflow exploits
  • Learn XSS and Cross-Site Request Forgery methods attackers use to bypass browser security controls
  • Fix vulnerabilities in Outlook Express and Acrobat Reader add-ons
  • Use input validators and XML classes to reinforce ASP and .NET security
  • Eliminate unintentional exposures in ASP.NET AJAX (Atlas), Direct Web Remoting, Sajax, and GWT Web applications
  • Mitigate ActiveX security exposures using SiteLock, code signing, and secure controls
  • Find and fix Adobe Flash vulnerabilities and DNS rebinding attacks

Product Details

ISBN-13:
9780071494618
Publisher:
McGraw-Hill Professional Publishing
Publication date:
12/17/2007
Series:
Hacking Exposed Series
Pages:
258
Product dimensions:
7.30(w) x 9.00(h) x 0.59(d)

Table of Contents

Foreword

Acknowledgments

Introduction

Part I: Attacking Web 2.0

Chapter 1. Common Injection Attacks

Chapter 2. Cross-Site Scripting

Part II: Next Generation Web Application Attacks

Chapter 3. Cross-Domain Attacks

Chapter 4. Malicious JavaScript and AJAX

Chapter 5. .Net Security

Part III: AJAX

Chapter 6. AJAX Types, Discovery, and Parameter Manipulation

Chapter 7. AJAX Framework Exposures

Part IV: Thick Clients

Chapter 8. ActiveX Security

Chapter 9. Attacking Flash Applications

Index

Customer Reviews

Average Review:

Write a Review

and post it to your social network

     

Most Helpful Customer Reviews

See all customer reviews >