"This book goes a long way in making the Web a safer place to do business." -- Mark Curphey,
Chair of the Open Web Application Security Project
Unleash the hackers' arsenal to secure your Web applications
In today's world of pervasive Internet connectivity and rapidly evolving Web technology,
online security is as critical as it is challenging. With the enhanced availability of
information and services online and Web-based attacks and break-ins on the rise, security
risks are at an all time high. Hacking Exposed Web Applications shows you, step-by-step, how
to defend against the latest Web-based attacks by understanding the hacker's devious methods
and thought processes. Discover how intruders gather information, acquire targets, identify
weak spots, gain control, and cover their tracks. You'll get in-depth coverage of real-world
hacks--both simple and sophisticated--and detailed countermeasures to protect against them.
What you'll learn:
* The proven Hacking Exposed methodology to locate, exploit, and patch vulnerable platforms
and applications
* How attackers identify potential weaknesses in Web application components
* What devastating vulnerabilities exist within Web server platforms such as Apache, Microsoft's
Internet Information Server (IIS), Netscape Enterprise Server, J2EE, ASP.NET, and more
* How to survey Web applications for potential vulnerabilities --including checking directory
structures, helper files, Java classes and applets, HTML comments, forms, and query strings
* Attack methods against authentication and session management features such as cookies, hidden
tags, and session identifiers
* Most common input validation attacks--crafted input, command execution characters, and buffer
overflows
* Countermeasures for SQL injection attacks such as robust error handling, custom stored procedures,
and proper database configuration
* XML Web services vulnerabilities and best practices
* Tools and techniques used to hack Web clients--including cross-site scripting, active content
attacks and cookie manipulation
* Valuable checklists and tips on hardening Web applications and clients based on the authors'
consulting experiences
Download File Size:5.24 MB