1. IT eBooks
  2. Books
  3. Cybersecurity
  4. Hacking Exposed Web Applications
All Books Programming Web Development Mobile Development Game Development Data Science & AI SysAdmin & DevOps Cybersecurity Databases Design, Media & UX/UI Hardware & IoT Other

Hacking Exposed Web Applications

Web Application Security Secrets & Solutions


Hacking Exposed Web Applications
Hacking Exposed Web Applications

Book Details

Authors Joel Scambray, Mike Shema
Publisher McGraw-Hill
Published 2002
Edition 1
Paperback 416 pages
Language English
ISBN-13 9780072224382
ISBN-10 007222438X
License Open Access

Book Description

In today's world of pervasive Internet connectivity and rapidly evolving Web technology, online security is as critical as it is challenging. With the enhanced availability of information and services online and Web-based attacks and break-ins on the rise, security risks are at an all time high. Hacking Exposed Web Applications shows you, step-by-step, how to defend against the latest Web-based attacks by understanding the hacker's devious methods and thought processes. Discover how intruders gather information, acquire targets, identify weak spots, gain control, and cover their tracks. You'll get in-depth coverage of real-world hacks-both simple and sophisticated-and detailed countermeasures to protect against them.

What you'll learn:
- The proven Hacking Exposed methodology to locate, exploit, and patch vulnerable platforms and applications
- How attackers identify potential weaknesses in Web application components
- What devastating vulnerabilities exist within Web server platforms such as Apache, Microsoft's Internet Information Server (IIS), Netscape Enterprise Server, J2EE, ASP.NET, and more
- How to survey Web applications for potential vulnerabilities -including checking directory structures, helper files, Java classes and applets, HTML comments, forms, and query strings
- Attack methods against authentication and session management features such as cookies, hidden tags, and session identifiers
- Most common input validation attacks-crafted input, command execution characters, and buffer overflows
- Countermeasures for SQL injection attacks such as robust error handling, custom stored procedures, and proper database configuration
- XML Web services vulnerabilities and best practices
- Tools and techniques used to hack Web clients-including cross-site scripting, active content attacks and cookie manipulation
- Valuable checklists and tips on hardening Web applications and clients based on the authors' consulting experiences


This book is published as open-access, which means it is freely available to read, download, and share without restrictions.

If you enjoyed the book and would like to support the author, you can purchase a printed copy (hardcover or paperback) from official retailers.

Download and Read Links

PDF

Share This Book

[localhost]# find . -name "*Similar_Books*"


Hacking Secret Ciphers with Python

Hacking Secret Ciphers with Python
Hacking Python

There are many books that teach beginners how to write secret messages using ciphers. There are a couple books that teach beginners how to hack ciphers. As far as I can tell, there are no books to teach beginners how to write programs to hack ciphers. This book fills that gap. This book is for complete beginners who do not know anything about encry

RESTful Web Services

RESTful Web Services
API

You've built web sites that can be used by humans. But can you also build web sites that are usable by machines? That's where the future lies, and that's what RESTful Web Services shows you how to do. The World Wide Web is the most popular distributed application in history, and Web services and mashups have turned it into a powerful distributed co

Web Application Security

Web Application Security

While many resources for network and IT security are available, detailed knowledge regarding modern web application security has been lacking - until now. This practical guide provides both offensive and defensive security concepts that software engineers can easily learn and apply. Andrew Hoffman, a senior security engineer at Salesforce, introduc

Demystifying Internet of Things Security

Demystifying Internet of Things Security
Security

Break down the misconceptions of the Internet of Things by examining the different security building blocks available in Intel Architecture (IA) based IoT platforms. This book reviews the threat pyramid, secure boot, chain of trust, and the SW stack leading up to defense-in-depth. The IoT presents unique challenges in implementing security and Inte

Architect Modern Web Applications with ASP.NET Core and Azure

Architect Modern Web Applications with ASP.NET Core and Azure
ASP.NET Azure

The audience for this guide is mainly developers, development leads, and architects who are interested in building modern web applications using Microsoft technologies and services in the cloud. A secondary audience is technical decision makers who are already familiar ASP.NET or Azure and are looking for information on whether it makes sense to up

Application Delivery and Load Balancing in Microsoft Azure

Application Delivery and Load Balancing in Microsoft Azure
Nginx Azure

With more and more companies moving on-premises applications to the cloud, software and cloud solution architects alike are busy investigating ways to improve load balancing, performance, security, and high availability for workloads. This practical book describes Microsoft Azure's load balancing options and explains how NGINX can contribute to a c