Hacking Web Apps Detecting and Preventing Web Application Security Problems
Auteur : Shema Mike
How can an information security professional keep up with all of the hacks, attacks, and exploits on the Web? One way is to read Hacking Web Apps. The content for this book has been selected by author Mike Shema to make sure that we are covering the most vicious attacks out there. Not only does Mike let you in on the anatomy of these attacks, but he also tells you how to get rid of these worms, trojans, and botnets and how to defend against them in the future. Countermeasures are detailed so that you can fight against similar attacks as they evolve.
Attacks featured in this book include:
? SQL Injection
? Cross Site Scripting
? Logic Attacks
? Server Misconfigurations
? Predictable Pages
? Web of Distrust
? Breaking Authentication Schemes
? HTML5 Security Breaches
? Attacks on Mobile Apps
Even if you don?t develop web sites or write HTML, Hacking Web Apps can still help you learn how sites are attacked?as well as the best way to defend against these attacks. Plus, Hacking Web Apps gives you detailed steps to make the web browser ? sometimes your last line of defense ? more secure.
Chapter 1 - Introduction
Chapter 2 - Cross Site Scripting (XSS)
Chapter 3 - Cross Site Request Forgery (CSRF)
Chapter 4 - SQL Injection
Chapter 5 - Server Misconfigurations and Predictable Pages
Chapter 6 - Breaking Authentication Schemes
Chapter 7 - Logic Attacks
Chapter 8 - Web of Distrust
Chapter 9 - HTML5 Security Breaches
Information Security professionals of all levels, web application developers, recreational hackers.
- More and more data, from finances to photos, is moving into web applications. How much can you trust that data to be accessible from a web browser anywhere and safe at the same time?
- Some of the most damaging hacks to a web site can be executed with nothing more than a web browser and a little knowledge of HTML.
- Learn about the most common threats and how to stop them, including HTML Injection, XSS, Cross Site Request Forgery, SQL Injection, Breaking Authentication Schemes, Logic Attacks, Web of Distrust, Browser Hacks and many more.
Date de parution : 10-2012
Ouvrage de 296 p.
19x23.4 cm
Thèmes de Hacking Web Apps :
Mots-clés :
Application Programming Interfaces; Authentication; Blacklists; Botnets; Browser Attacks; Brute Force Attacks; CORS Policy; CSRF; Clickjacking; DNS; Data Frames; Design Attacks; DoS Attack; DoS Attacks; Ephemeral HTML Injection; Extended Verification SSL; HSTS; HTML Injection; HTML5; HTTPS; Implementation Error; Inadequate Data Sanitization; JavaScript; Keylogger; LINQ; Logic Attacks; Malware; NoSQL Databases; Obfuscation; Out of Band HTML Injection; PRNG; Passwords; Persistent HTML Injection; Privacy; Privileged Network Position; SQL Injection; SSL Certificates; Same Origin Policy; Session Cookies; Userid; Web Browsers; WebSocket; XHR Object; XSS; ciphertext; iframe; tcpdump