The highly successful security book returns with a new edition, completely updated
Web applications are the front door to most organizations, exposing them to attacks that may disclose personal information, execute fraudulent transactions, or compromise ordinary users. This practical book has been completely updated and revised to discuss the latest step-by-step techniques for attacking and defending the range of ever-evolving web applications. You'll explore the various new technologies employed in web applications that have appeared since the first edition and review the new attack techniques that have been developed, particularly in relation to the client side.
- Reveals how to overcome the new technologies and techniques aimed at defending web applications against attacks that have appeared since the previous edition
- Discusses new remoting frameworks, HTML5, cross-domain integration techniques, UI redress, framebusting, HTTP parameter pollution, hybrid file attacks, and more
- Features a companion web site hosted by the authors that allows readers to try out the attacks described, gives answers to the questions that are posed at the end of each chapter, and provides a summarized methodology and checklist of tasks
Focusing on the areas of web application security where things have changed in recent years, this book is the most current resource on the critical topic of discovering, exploiting, and preventing web application security flaws.
Hack the planet
Web applications are everywhere, and they're insecure. Banks, retailers, and others have deployed millions of applications that are full of holes, allowing attackers to steal personal data, carry out fraud, and compromise other systems. This innovative book shows you how they do it.
This is hands-on stuff. The authors, recognized experts in security testing, take a practical approach, showing you the detailed steps involved in finding and exploiting security flaws in web applications. You will learn to:
- Defeat an application's core defense mechanisms and gain unauthorized access, even to the most apparently secure applications
- Map attack surfaces and recognize potential entry points
- Break client-side controls implemented within HTML, Java®, ActiveX®, and Flash®
- Uncover subtle logic flaws that leave applications exposed
- Use automation to speed up your attacks, with devastating results
- Delve into source code and spot common vulnerabilities in languages like C#, Java, and PHP
Know your enemy
To defend an application, you must first know its weaknesses. If you design or maintain web applications, this book will arm you with the protective measures you need to prevent all of the attacks described. If you're a developer, it will show you exactly where and how to strengthen your defenses.
Link to full .PDF will be provided upon purchase.
Buyer Stats
Comment
Rating
Freshness
5/5
Very quick turnaround. Would recommend! Thanks very much psychonautical! :)
2 months ago
Buyer ID 63840725, amount $1.00, 2 months old with 22 purchases.
5/5
Arrived quickly and was just as described.
4 months ago
Buyer ID 4487abb7, 5 months old with 21 purchases.