About the Book
Get in-depth coverage of Web application
platforms and their vulnerabilities, presented in the same popular format
as the international bestseller, Hacking Exposed. Covering hacking scenarios
across different programming languages and depicting various types of attacks
and countermeasures, this book offers you up-to-date and highly valuable
insight into Web application security.
"Required reading for Web architects
and operators." -- Erik Olson, Microsoft Program Manager, Security, ASP.NET
"Just as the original Hacking Exposed
revealed the techniques the bad guys were hiding behind, Hacking Exposed
Web Applications will do the same for this critical technology. Its methodical
approach and appropriate detail will enlighten, educate, and go a long
way toward making the Web a safer place in which to do business." -- from
the Foreword by Mark Curphey, Chair of the Open Web Application Security
Project
"This is a serious technical guide
that is also great reading -- scary enough to motivate folks to take Web
security seriously but approachable enough to be an effective learning
tool. Required reading for Web architects and operators." -- Erik Olson,
Program Manager, Security, ASP.NET
"What better way to defend against
hackers than to understand the tools and techniques that are used to penetrate
your site? Hacking Exposed Web Applications offers a detailed look at common
vulnerabilities within your applications and explains how to protect yourself
from them." -- Mike Mullins, Ecommerce Security Engineer for a leading
specialty apparel retailer
"At last, your personal guide to preventing
the next generation of security threats. This book explains in intricate
detail how you can do everything right when it comes to network security
and still be owned at the Web application layer." -- Chip Andrews, www.sqlsecurity.com
"If you're involved in writing Web-based
applications using ASP/ASP.NET, Java, JSP, PHP, or other languages, the
Hacking Exposed series is something you DEFINITELY need to read. Before
writing one line of code, this book will spark ideas about how to design
and secure your Web applications. There are techniques potential hackers
could use that I've never even thought of! Great resource!" -- Steve Schofield,
Creator and Managing Editor, ASPFree.com
Related Books
1. Hacker's Challenge 2 Test Your Network Security & Forensic Skills ISBN: 0072226307
2. Hacking Exposed Network Security Secrets & Solutions, Fourth Edition ISBN: 0072227427
3. Hacking Exposed (TM) Web Applications ISBN: 007222438X
4. Anti-Hacker Tool Kit, Second Edition ISBN: 0072230207
5. Hacking Exposed Linux, 2nd Edition ISBN: 0072225645
6. Hacking Exposed Windows Server 2003 ISBN: 0072230614
7. Anti-Hacker Tool Kit ISBN: 0072222824
8. HackNotes Linux and Unix Security Portable Reference ISBN: 0072227869
9. Fundamentals of Network Security ISBN: 0072230932
10. HackNotes Network Security Portable Reference ISBN: 0072227834
11. PDA Security ISBN: 0071424903
12. HackNotes Windows Security Portable Reference ISBN: 0072227850
13. Gray Hat Hacking The Ethical Hacker's Handbook ISBN: 0072257091
14. Hacking Exposed Computer Forensics ISBN: 0072256753
15. HackNotes Web Security Pocket Reference ISBN: 0072227842
Table of Contents
Part I: Reconnaissance
1: Introduction to Web Applications and Security
2: Profiling
3: Hacking Web Servers
4: Surveying the Application
Part II: The Attack
5: Authentication
6: Authorization
7: Attacking Session State Management
8: Input Validation Attacks
9: Attacking Web Datastores
10: Attacking Web Services
11: Hacking Web Application Management
12: Web Client Hacking
13: Case Studies
Part III: Appendixes
A: Web Site Security Checklist
B: Web Hacking Tools and Techniques Cribsheet
C: Using Libwhisker
D: UrlScan Installation and Configuration
E: About the Companion Web Site