FlazX | Browse Computer Book | Community Board | Links | Blog | Login


Hacking the Code: ASP.NET Web Application Security



eBook Information




Hacking the Code: ASP.NET Web Application Security
ISBN  1932266658
Release Date  02 May 2004
Category  ASP.NET
This book @Amazon  View

Google Search
Google
Web flazx.com


Hacker Code will have over 400 pages of dedicated exploit, vulnerability, and tool code with corresponding instruction. Unlike other security and programming books that dedicate hundreds of pages to architecture and theory based flaws and exploits, HC1 will dive right into deep code analysis. Previously undisclosed security research in combination with superior programming techniques from Foundstone and other respected organizations will be included in both the Local and Remote Code sections of the book.

The book will be accompanied with a FREE COMPANION CD containing both commented and uncommented versions of the source code examples presented throughout the book. In addition to the book source code, the CD will also contain a copy of the author-developed Hacker Code Library v1.0. The Hacker Code Library will include multiple attack classes and functions that can be utilized to quickly create security programs and scripts. These classes and functions will simplify exploit and vulnerability tool development to an extent never before possible with publicly available software.

* Learn to quickly create security tools that ease the burden of software testing and network administration
* Find out about key security issues regarding vulnerabilities, exploits, programming flaws, and secure code development
* Discover the differences in numerous types of web-based attacks so that developers can create proper quality assurance testing procedures and tools
* Learn to automate quality assurance, management, and development tasks and procedures for testing systems and applications
* Learn to write complex Snort rules based solely upon traffic generated by network tools and exploits

User review
Definitely a worthy book for developers and security pros alike
Hacking the Code is a must read if you want to pick apart .NET Web applications in the name of better security. More people in development and IT need to read books like this. I like how it focuses on ASP.NET - the language that a large portion of Web applications are developed in today. The book covers the important areas of securing applications and shows some good examples. Appendix A also has some good ASP.NET code samples for real-world concerns.

I especially like the coverage on authentication mechanisms which is something that's often taken for granted by developers but where I tend to find a lot of the weaknesses in the work I do. Plus it doesn't just focus on the technical side of things with the coverage of users awareness and policies. Overall, very good at covering the root of many of our security problems.

User review
Spot on
In my never ending attempt to educate myself on web application security I thought it would be a great idea to look at this from the developer perspective. This text is a great piece on the ASP.NET side of development and security. It does a great job of showing what the developer may normally code and why that is NOT security oriented. It is a great tool for bridging the gap between security team and developer team so that you can speak intelligently on both even though you are NOT a developer or security professional. If you have an ASP.NET dev shop in your environment you should have someone if not everyone from your dev and security teams read this book to facilitate a more open line of commination between the two. Highly recommended.

User review
Great book
english is not my native language but this book has a clear language that is easy to understant and examples are very good. Writer tells many experiences that he faced at past about security, it's vulnarables and precautions.
I highly recommend this book.

User review
Secure Coding 101
Personally I work as a penetration tester, so Hacking the Code was right up my alley. I read the book over the course of a day, stuck at an airport. (,,.)Mark has a certain way of showing information to the reader in a very clear and thought-out manor. Content of the book may be of highly technical nature but it is very easy to read (a rare mix). By the end of the book I felt like I knew everything about ASP, its amazing how much there really is to know.
If you work in the security industry then this book is a must, however, if you are a developer, webmaster or even someone curious about code security, READ IT.

Highly recommend

User review
very unprofessional
The authors can't connect two words together. Don't waste money on this book.







Resources
FlazX 100 Newest Books  Top 100 Search Keywords  Last 100 Search Keywords  Community Edition 


Google Talk : admin-at-flazx-dot-us


eXTReMe Tracker