Hacking web apps : detecting and preventing web application security problems

Title:

Personal Author:

Shema, Mike

Publication Information:

Amsterdam ; Boston : Syngress, c2012

Physical Description:

xx, 273 p. : ill. ; 24 cm.

ISBN:

9781597499514

Subject Term:

Computer networks -- Security measures

Web site development -- Security measures

Application software -- Security measures

Computer security

Computer crimes -- Prevention

Available:*

Library	Item Barcode	Call Number	Material Type	Item Category 1	Status
Searching... PSZ JB	30000010301428	TK5105.59 S545 2012	Open Access Book	Book	Searching... Unknown
Searching... PSZ KL	30000010243223	TK5105.59 S545 2012	Open Access Book	Book	Searching... Unknown

How can an information security professional keep up with all of the hacks, attacks, and exploits on the Web? One way is to read Hacking Web Apps . The content for this book has been selected by author Mike Shema to make sure that we are covering the most vicious attacks out there. Not only does Mike let you in on the anatomy of these attacks, but he also tells you how to get rid of these worms, trojans, and botnets and how to defend against them in the future. Countermeasures are detailed so that you can fight against similar attacks as they evolve.

Attacks featured in this book include:

* SQL Injection

* Cross Site Scripting

* Logic Attacks

* Server Misconfigurations

* Predictable Pages

* Web of Distrust

* Breaking Authentication Schemes

* HTML5 Security Breaches

* Attacks on Mobile Apps

Even if you don't develop web sites or write HTML, Hacking Web Apps can still help you learn how sites are attacked--as well as the best way to defend against these attacks. Plus, Hacking Web Apps gives you detailed steps to make the web browser - sometimes your last line of defense - more secure.

Author Notes

Mike Shema develops web application security solutions at Qualys, Inc. His current work is focused on an automated web assessment service. Mike previously worked as a security consultant and trainer for Foundstone where he conducted information security assessments across a range of industries and technologies. His security background ranges from network penetration testing, wireless security, code review, and web security. He is the co-author of Hacking Exposed: Web Applications, The Anti-Hacker Toolkit and the author of Hack Notes: Web Application Security. In addition to writing, Mike has presented at security conferences in the U.S., Europe, and Asia.

Chapter 1 Introduction

Chapter 2 Cross Site Scripting (XSS)

Chapter 3 Cross Site Request Forgery (CSRF)

Chapter 4 SQL Injection

Chapter 5 Server Misconfigurations and Predictable Pages

Chapter 6 Breaking Authentication Schemes

Chapter 7 Logic Attacks

Chapter 8 Web of Distrust

Chapter 9 HTML5 Security Breaches

Available:*

On Order

Summary

Summary

Author Notes

Table of Contents