The Web Application Hacker's Handbook: Discovering and Exploiting Security Flaws
|
| |
ISBN |
0470170778 |
|
Release Date |
22 October 2007 |
|
Category |
Computer Security |
|
Tags |
hacker,
hack,
exploit,
the web application hacker's handbook: discovering and exploiting security flaws,
0470170778,
exploiting,
"the web application",
"web application",
security,
discovering,
"discovering and exploiting",
handbook,
047017077,
web,
pinto,
"discovering and exploiting security flaws",
"web application hacker",
|
|
This book @Amazon |
View |
|
Description
|
This book is a practical guide to discovering and exploiting security flaws in web applications. The authors explain each category of vulnerability using real-world examples, screen shots and code extracts. The book is extremely practical in focus, and describes in detail the steps involved in detecting and exploiting each kind of security weakness found within a variety of applications such as online banking, e-commerce and other web applications. The topics covered include bypassing login mechanisms, injecting code, exploiting logic flaws and compromising other users. Because every web application is different, attacking them entails bringing to bear various general principles, techniques and experience in an imaginative way. The most successful hackers go beyond this, and find ways to automate their bespoke attacks. This handbook describes a proven methodology that combines the virtues of human intelligence and computerized brute force, often with devastating results. The authors are professional penetration testers who have been involved in web application security for nearly a decade. They have presented training courses at the Black Hat security conferences throughout the world. Under the alias "PortSwigger", Dafydd developed the popular Burp Suite of web application hack tools. |
Other books on Computer Security
Intrusion Detection Systems (Advances in Information Security)
DNA Computing Models (Advances in Information Security)
VizSEC 2007: Proceedings of the Workshop on Visualization for Computer Security (Mathematics and Visualization)
Crimeware: Understanding New Attacks and Defenses (Symantec Press)
Computer Security, Privacy and Politics: Current Issues, Challenges and Solutions
Information Security Management Handbook, Sixth Edition, Volume 2
No Tech Hacking: A Guide to Social Engineering, Dumpster Diving, and Shoulder Surfing
Secrets Stolen, Fortunes Lost: Preventing Intellectual Property Theft and Economic Espionage in the 21st Century
Hacking: The Art of Exploitation, 2nd Edition
Smart Cards, Tokens, Security and Applications
Digital Privacy: Theory, Technologies, and Practices
Gray Hat Hacking, Second Edition
Insider Computer Fraud: An In-depth Framework for Detecting and Defending against Insider IT Attacks
Securing Biometrics Applications
Hacking Exposed Windows: Microsoft Windows Security Secrets and Solutions, Third Edition (Hacking Exposed)
|
|
