Buy Online at low price from Helmet Don-The Web Application Hacker's Handbook: Finding and Exploiting Security Flaws, 2ed by Dafydd Stuttard Publisher: Wiley; Second edition (23 November 2011) ISBN-13: 978-8126533404 Language: English Paperback: 912 pagesWeb applications are the front door to most organizations, exposing them to attacks that may disclose personal information, execute fraudulent transactions, or compromise ordinary users. This practical book has been completely updated and revised to discuss the latest step-by-step techniques for attacking and defending the range of ever-evolving web applications. You'll explore the various new technologies employed in web applications that have appeared since the first edition and review the new attack techniques that have been developed, particularly in relation to the client side. Special Features · High praise for the first edition, a best-seller (15,744/ 3 years), should attract first edition readers eager for the update and new readers just starting within the industry to the 2e · In response to popular demand, the authors plan to create an online, subscription-based version of a course to reach a much wider audience requiring the book as essential reading · Daf's software business and web presence will be leveraged to generate interest and anticipation in the second edition and to promote it after publication. . · The authors have been asked to speak at several key security conferences, including BlackHat (Las Vegas, Washington DC, Barcelona, Abu Dhabi) following the publication of the book. Table of Content · Introduction · Web Application (In)security · Core Defense Mechanisms · Web Application Technologies · Mapping the Application · Bypassing Client-Side Controls · Attacking Authentication · Attacking Session Management · Attacking Access Controls · Attacking Data Stores · Attacking Back-End Components · Attacking Application Logic · Attacking Users: Cross-Site Scripting · Attacking Users: Other Techniques · Automating Customized Attacks · Exploiting Information Disclosure · Attacking Native Compiled Applications · Attacking Application Architecture · Attacking the Application Server · Finding Vulnerabilities in Source Code · A Web Application Hacker's Toolkit · A Web Application Hacker's Methodology Index
QUESTIONS & ANSWERS
Have a Question?
Be the first to ask a question about this.