eBooks-it.org Logo
eBooks-IT.org Inner Image

The Web Application Hacker's Handbook

Discovering and Exploiting Security Flaws

The Web Application Hacker's Handbook Image

Book Details:

Publisher:Wiley
Series: Wiley , Handbook
Author:Dafydd Stuttard
Edition:1
ISBN-10:0470170778
ISBN-13:9780470170779
Pages:768
Published:Oct 22 2007
Posted:Nov 19 2014
Language:English
Book format:PDF
Book size:10.97 MB

Book Description:

This book is a practical guide to discovering and exploiting security flaws in web applications. The authors explain each category of vulnerability using real-world examples, screen shots and code extracts. The book is extremely practical in focus, and describes in detail the steps involved in detecting and exploiting each kind of security weakness found within a variety of applications such as online banking, e-commerce and other web applications.The topics covered include bypassing login mechanisms, injecting code, exploiting logic flaws and compromising other users. Because every web application is different, attacking them entails bringing to bear various general principles, techniques and experience in an imaginative way. The most successful hackers go beyond this, and find ways to automate their bespoke attacks. This handbook describes a proven methodology that combines the virtues of human intelligence and computerized brute force, often with devastating results.The authors are professional penetration testers who have been involved in web application security for nearly a decade. They have presented training courses at the Black Hat security conferences throughout the world. Under the alias "PortSwigger", Dafydd developed the popular Burp Suite of web application hack tools.

Download Link:

Related Books:

The Mobile Application Hacker's Handbook

The Mobile Application Hacker's Handbook Image
See your app through a hackers eyes to find the real sources of vulnerability The Mobile Application Hackers Handbook is a comprehensive guide to securing all mobile applications by approaching the issue from a hackers point of view. Heavily practical, this book provides expert guidance toward discovering and exploiting flaws in mobile applications on the iOS, Android, Blackberry, and Windows Phone platforms. You will learn a proven methodology for approaching mobile application assessments, and the techniques used to prevent, disrupt, and remediate the various types of attacks. Coverage includes data storage, cryptography, transport layers, data leakage, injection attacks, runtime manipulation, security controls, and crossplatform apps, with vulnera...

ModSecurity Handbook

The Complete Guide to the Popular Open Source Web Application Firewall
ModSecurity Handbook Image
ModSecurity Handbook is the definitive guide to ModSecurity, a popular open source web application firewall. Written by Ivan Ristic, who designed and wrote much of ModSecurity, this book will teach you everything you need to know to monitor the activity on your web sites and protect them from attack. Situated between your web sites and the world, web application firewalls provide an additional security layer, monitoring everything that comes in and everything that goes out. They enable you to perform many advanced activities, such as real-time application security monitoring, access control, virtual patching, HTTP traffic logging, continuous passive security assessment, and web application hardening. They can be very effective in preventing applicat...

The Hacker's Handbook

The Strategy Behind Breaking Into and Defending Networks
The Hacker's Handbook Image
The Hackers Handbook: The Strategy Behind Breaking Into and Defending Networks, moves ahead of the pack of books about digital security by revealing the technical aspects of hacking that are least understood by network administrators. This is accomplished by analyzing subjects through a hacking/security dichotomy that details hacking maneuvers and defenses in the same context. Chapters are organized around specific technical components and administrative tasks, providing theoretical background that prepares network defenders for the always-changing and creative tools and techniques of intruders. This book is divided into three parts. Part I introduces programming, protocol, and attack concepts. Part II addresses subject areas (protocols, services, te...



2007 - 2021 © eBooks-IT.org