Hacking Exposed Web Applications / Edition 3

Hacking Exposed Web Applications / Edition 3

by Joel Scambray, Vincent Liu, Caleb Sima
     
 

The latest Web app attacks and countermeasures from world-renowned practitioners

Protect your Web applications from malicious attacks by mastering the weapons and thought processes of today's hacker. Written by recognized security practitioners and thought leaders, Hacking Exposed Web Applications, Third Edition is fully updated to cover new

See more details below

Overview

The latest Web app attacks and countermeasures from world-renowned practitioners

Protect your Web applications from malicious attacks by mastering the weapons and thought processes of today's hacker. Written by recognized security practitioners and thought leaders, Hacking Exposed Web Applications, Third Edition is fully updated to cover new infiltration methods and countermeasures. Find out how to reinforce authentication and authorization, plug holes in Firefox and IE, reinforce against injection attacks, and secure Web 2.0 features. Integrating security into the Web development lifecycle (SDL) and into the broader enterprise information security program is also covered in this comprehensive resource.

  • Get full details on the hacker's footprinting, scanning, and profiling tools, including SHODAN, Maltego, and OWASP DirBuster
  • See new exploits of popular platforms like Sun Java System Web Server and Oracle WebLogic in operation
  • Understand how attackers defeat commonly used Web authentication technologies
  • See how real-world session attacks leak sensitive data and how to fortify your applications
  • Learn the most devastating methods used in today's hacks, including SQL injection, XSS, XSRF, phishing, and XML injection techniques
  • Find and fix vulnerabilities in ASP.NET, PHP, and J2EE execution environments
  • Safety deploy XML, social networking, cloud computing, and Web 2.0 services
  • Defend against RIA, Ajax, UGC, and browser-based, client-side exploits
  • Implement scalable threat modeling, code review, application scanning, fuzzing, and security testing procedures

Read More

Product Details

ISBN-13:
9780071740647
Publisher:
McGraw-Hill Professional Publishing
Publication date:
10/15/2010
Pages:
482
Sales rank:
945,084
Product dimensions:
7.20(w) x 9.00(h) x 1.10(d)

Meet the Author

Joel Scambray, CISSP, is co-founder and CEO of Consciere, provider of strategic security advisory services. He has worked in Internet security assessment and defense for nearly 15 years at Microsoft, Foundstone, Ernst & Young, and other organizations. Joel is an internationally renowned speaker and author of multiple security books, including 12 editions in the Hacking Exposed series.

Vincent Liu, CISSP, is a managing partner at Stach & Liu. He previously led the Attack & Penetration and Reverse Engineering teams at Honeywell's Global Security group, was a consultant with the Ernst & Young Advanced Security Centers, and was an analyst at the National Security Agency. Vincent speaks at industry conferences, including Black Hat, ToorCon, and Microsoft's BlueHat.

Caleb Sima is CEO of Armorize Technologies, provider of integrated Web application security solutions. He founded SPI Dynamics, a Web security technology company, and was an early innovator at Internet Security Systems/IBM's elite X-Force team. Caleb presents at key industry conferences, such as RSA and Black Hat.

Read More

Table of Contents

Chapter 1 Hacking Web Apps 101

Chapter 2 Profiling

Chapter 3 Hacking Web Platforms

Chapter 4 Attacking Web Authentication

Chapter 5 Attacking Web Authorization

Chapter 6 Input Injection Attacks

Chapter 7 Attacking XML Web Services

Chapter 8 Attacking Web Application Management

Chapter 9 Hacking Web Clients

Chapter 10 The Enterprise Web Application Security Program

Chapter 11 Web Application Security Scanners

Appendix A Web Application Security Checklist

Appendix B Web Hacking Tools and Techniques Cribsheet

Index

Customer Reviews

Average Review:

Write a Review

and post it to your social network

     

Most Helpful Customer Reviews

See all customer reviews >