Subcategories

Stuart McClure, Joel Scambray and George Kurtz, «Hacking Exposed Web Applications, Second Edition»

Posted By: Spymaker
Stuart McClure, Joel Scambray and George Kurtz, «Hacking Exposed Web Applications, Second Edition»

Stuart McClure, Joel Scambray and George Kurtz, «Hacking Exposed Web Applications, Second Edition»
Publisher: McGraw-Hill | June 2006 | ISBN: 9780072262995 | Pages: 520 | CHM | 12 MB

Implement bulletproof e-business security the proven Hacking Exposed way

Defend against the latest Web-based attacks by looking at your Web applications through the eyes of a malicious intruder. Fully revised and updated to cover the latest Web exploitation techniques, Hacking Exposed Web Applications, Second Edition shows you, step-by-step, how cyber-criminals target vulnerable sites, gain access, steal critical data, and execute devastating attacks. All of the cutting-edge threats and vulnerabilities are covered in full detail alongside real-world examples, case studies, and battle-tested countermeasures from the authors' experiences as gray hat security professionals.

Find out how hackers use infrastructure and application profiling to perform reconnaissance and enter vulnerable systems
Get details on exploits, evasion techniques, and countermeasures for the most popular Web platforms, including IIS, Apache, PHP, and ASP.NET
Learn the strengths and weaknesses of common Web authentication mechanisms, including password-based, multifactor, and single sign-on mechanisms like Passport
See how to excise the heart of any Web application's access controls through advanced session analysis, hijacking, and fixation techniques
Find and fix input validation flaws, including cross-site scripting (XSS), SQL injection, HTTP response splitting, encoding, and special character abuse
Get an in-depth presentation of the newest SQL injection techniques, including blind attacks, advanced exploitation through subqueries, Oracle exploits, and improved countermeasures
Learn about the latest XML Web Services hacks, Web management attacks, and DDoS attacks, including click fraud
Tour Firefox and IE exploits, as well as the newest socially-driven client attacks like phishing and adware