Product Description

Implement bulletproof e-business security the proven Hacking Exposed way

Defend against the latest Web-based attacks by looking at your Web applications through the eyes of a malicious intruder. Fully revised and updated to cover the latest Web exploitation techniques, Hacking Exposed Web Applications, Second Edition shows you, step-by-step, how cyber-criminals target vulnerable sites, gain access, steal critical data, and execute devastating attacks. All of the cutting-edge threats and vulnerabilities are covered in full detail alongside real-world examples, case studies, and battle-tested countermeasures from the authors' experiences as gray hat security professionals.

Product Details

• Amazon Sales Rank: #230148 in Books
• Published on: 2006-07-01
• Original language: English
• Number of items: 1
• Binding: Paperback
• 520 pages

Hacking Exposed Web Applications, Oraclehome.co.uk, September 2006
It's quite amazing what people can do with web applications ... this book
tells you how to plug the holes

From the Inside Flap
The second edition has been completely updated to cover:

New exploitation techniques
The latest Denial of Service attacks
New phishing scams
Leading-edge preventive website development practices

From the Back Cover

Implement bulletproof e-business security the proven Hacking Exposed way

Defend against the latest Web-based attacks by looking at your Web applications through the eyes of a malicious intruder. Fully revised and updated to cover the latest Web exploitation techniques, Hacking Exposed Web Applications, Second Edition shows you, step-by-step, how cyber-criminals target vulnerable sites, gain access, steal critical data, and execute devastating attacks. All of the cutting-edge threats and vulnerabilities are covered in full detail alongside real-world examples, case studies, and battle-tested countermeasures from the authors' experiences as gray hat security professionals.

• Find out how hackers use infrastructure and application profiling to perform reconnaissance and enter vulnerable systems
• Get details on exploits, evasion techniques, and countermeasures for the most popular Web platforms, including IIS, Apache, PHP, and ASP.NET
•  Learn the strengths and weaknesses of common Web authentication mechanisms, including password-based, multifactor, and single sign-on mechanisms like Passport
• See how to excise the heart of any Web application's access controls through advanced session analysis, hijacking, and fixation techniques
• Find and fix input validation flaws, including cross-site scripting (XSS), SQL injection, HTTP response splitting, encoding, and special character abuse
• Get an in-depth presentation of the newest SQL injection techniques, including blind attacks, advanced exploitation through subqueries, Oracle exploits, and improved countermeasures
• Learn about the latest XML Web Services hacks, Web management attacks, and DDoS attacks, including click fraud
• Tour Firefox and IE exploits, as well as the newest socially-driven client attacks like phishing and adware