Web Applications (Hacking Exposed)

Web Applications (Hacking Exposed), 9780072224382 (007222438X), McGraw-Hill, 2002

"This book goes a long way in making the Web a safer place to do business." -- Mark Curphey, Chair of the Open Web Application Security Project

Unleash the hackers' arsenal to secure your Web applications

In today's world of pervasive Internet connectivity and rapidly evolving Web technology, online security is as critical as it is challenging. With the enhanced availability of information and services online and Web-based attacks and break-ins on the rise, security risks are at an all-time high. Hacking Exposed Web Applications shows you, step-by-step, how to defend against the latest Web-based attacks by understanding the hacker's devious methods and thought processes. Discover how intruders gather information, acquire targets, identify weak spots, gain control, and cover their tracks. You'll get in-depth coverage of real-world hacks--both simple and sophisticated--and detailed countermeasures to protect against them.

What you'll learn:

  • The proven Hacking Exposed methodology to locate, exploit, and patch vulnerable platforms and applications
  • How attackers identify potential weaknesses in Web application components
  • What devastating vulnerabilities exist within Web server platforms such as Apache, Microsoft's Internet Information Server (IIS), Netscape Enterprise Server, J2EE, ASP.NET, and more
  • How to survey Web applications for potential vulnerabilities--including checking directory structures, helper files, Java classes and applets, HTML comments, forms, and query strings
  • Attack methods against authentication and session management features such as cookies, hidden tags, and session identifiers
  • Most common input validation attacks--crafted input, command execution characters, and buffer overflows
  • Countermeasures for SQL injection attacks such as robust error handling, custom stored procedures, and proper database configuration
  • XML Web services vulnerabilities and best practices
  • Tools and techniques used to hack Web clients--including cross-site scripting, active content attacks and cookie manipulation
  • Valuable checklists and tips on hardening Web applications and clients based on the authors' consulting experiences

About the Author

Joel Scambray (Lafayette, CA) is a Manager in the Information Systems Audit and Advisory Services practice of Ernst & Young. Joel has over five years' experience working with a variety of computer and communications technologies from both an operational and strategic standpoint--ranging from Director of IS for a major commercial real estate firm to Technology Analyst for InfoWorld Magazine.

Expert T-SQL Window Functions in SQL Server 2019: The Hidden Secret to Fast Analytic and Reporting Queries
Become an expert who can use window functions to solve T-SQL query problems. Replace slow cursors and self-joins with queries that are easy to write and perform better. This new edition provides expanded examples, including a chapter from the world of sports, and covers the latest performance enhancements through SQL Server 2019. ...
Web Standards Solutions: The Markup and Style Handbook (Pioneering Series)

Web Standards are the standard technology specifications enforced by the World Wide Web Consortium (W3C) to make sure that web designers and browser manufacturers are using the same technology syntax. It is important that these implementations are the same throughout the Web, otherwise it becomes a messy proprietary place, and lacks consistency....

Pro Oracle Database 11g RAC on Linux

Pro Oracle Database 11g RAC on Linux provides full-life-cycle guidance on implementing Oracle Real Application Clusters in a Linux environment. Real Application Clusters, commonly abbreviated as RAC, is Oracle’s industry-leading architecture for scalable and fault-tolerant databases. RAC allows you to scale up and down by...


Systems Biology: Properties of Reconstructed Networks
Genome sequences are now available that enable us to determine the biological components that make up a cell or an organism. The new discipline of systems biology examines how these components interact and form networks, and how the networks generate whole cell functions corresponding to observable phenotypes. This textbook describes how to model...
Role Engineering for Enterprise Security Management (Information Security and Privacy)
Role-based access control (RBAC) promises to provide several benefits to organizations. These benefits include simplified security provisioning and administration, ease of reporting on privileges and to whom they are available, and finer grained security authorization. By being policy-neutral, RBAC can be used to enforce the variety of access...
Windows PowerShell Pocket Reference: Portable Help for PowerShell Scripters (Pocket Reference)

This portable reference to Windows PowerShell 3.0 summarizes the command shell and scripting language, and provides a concise reference to the many tasks that make PowerShell so useful. If you’re a busy Windows administrator, and don’t have time to plow through huge books or search online, this is the ideal on-the-job...
