Web Applications (Hacking Exposed)

Web Applications (Hacking Exposed), 9780072224382 (007222438X), McGraw-Hill, 2002

"This book goes a long way in making the Web a safer place to do business." -- Mark Curphey, Chair of the Open Web Application Security Project

Unleash the hackers' arsenal to secure your Web applications

In today's world of pervasive Internet connectivity and rapidly evolving Web technology, online security is as critical as it is challenging. With the enhanced availability of information and services online and Web-based attacks and break-ins on the rise, security risks are at an all-time high. Hacking Exposed Web Applications shows you, step-by-step, how to defend against the latest Web-based attacks by understanding the hacker's devious methods and thought processes. Discover how intruders gather information, acquire targets, identify weak spots, gain control, and cover their tracks. You'll get in-depth coverage of real-world hacks--both simple and sophisticated--and detailed countermeasures to protect against them.

What you'll learn:

  • The proven Hacking Exposed methodology to locate, exploit, and patch vulnerable platforms and applications
  • How attackers identify potential weaknesses in Web application components
  • What devastating vulnerabilities exist within Web server platforms such as Apache, Microsoft's Internet Information Server (IIS), Netscape Enterprise Server, J2EE, ASP.NET, and more
  • How to survey Web applications for potential vulnerabilities--including checking directory structures, helper files, Java classes and applets, HTML comments, forms, and query strings
  • Attack methods against authentication and session management features such as cookies, hidden tags, and session identifiers
  • Most common input validation attacks--crafted input, command execution characters, and buffer overflows
  • Countermeasures for SQL injection attacks such as robust error handling, custom stored procedures, and proper database configuration
  • XML Web services vulnerabilities and best practices
  • Tools and techniques used to hack Web clients--including cross-site scripting, active content attacks and cookie manipulation
  • Valuable checklists and tips on hardening Web applications and clients based on the authors' consulting experiences

About the Author

Joel Scambray (Lafayette, CA) is a Manager in the Information Systems Audit and Advisory Services practice of Ernst & Young. Joel has over five years' experience working with a variety of computer and communications technologies from both an operational and strategic standpoint--ranging from Director of IS for a major commercial real estate firm to Technology Analyst for InfoWorld Magazine.

Secure Localization and Time Synchronization for Wireless Sensor and Ad Hoc Networks (Advances in Information Security)
Localization is a critical process in mobile ad hoc networks and wireless sensor networks. Wireless sensor nodes or MANET devices need to know the network's location or its relative location, with respect to the rest of the network neighbors. However, due to the open spectrum nature of wireless communication, it is subject to attacks and intrusions....
Advanced Electrical Installation Work, Fifth Edition: Level 3 City & Guilds 2330 Technical Certificate & 2356 NVQ
Covers all electrical installation trainees need to know for the Level 3 certificate

Trevor Linsley's textbooks have helped thousands of students to gain their electrical installation qualifications. In a concise and practical way, Advanced Electrical Installation Work supports the City & Guilds 2330
...
Computer Network Security
A comprehensive survey of computer network security concepts, methods, and practices. This authoritative volume provides an optimal description of the principles and applications of computer network security in particular, and cyberspace security in general. The book is thematically divided into three segments: Part I describes the operation and...

Digital Signage Broadcasting: Content Management and Distribution Techniques
Digital Signage Broadcasting is a perfect introduction to this new world of opportunities for media professionals in all areas. Whether you are in engineering, IT, advertising, or management, you will gain knowledge on the operations of digital signage systems, content gathering, customer billing, and much more on this new exciting media.
...
UNIX to Linux(R) Porting : A Comprehensive Reference (Prentice Hall Open Source Software Development)

Port Your UNIX® Applications to Linux®–Quickly, Efficiently, and Reliably

Increasingly, developers, architects, and project managers face the challenge of porting their C, C++, and Java applications from UNIX® to Linux® environments. Now,...

Developing Web Apps with Haskell and Yesod: Safety-Driven Web Development

This fast-moving guide introduces web application development with Haskell and Yesod, a potent language/framework combination that supports high-performing applications that are modular, type-safe, and concise. Fully updated for Yesod 1.4, this second edition shows you how Yesod handles widgets, forms, persistence, and RESTful...
