HACKING EXPOSED WEB APPLICATIONS, 3rd Edition
HACKING EXPOSED WEB APPLICATIONS, 3rd Edition
ISBN: 0071740643
EAN: 2147483647
EAN: 2147483647
Year: 2006
Pages: 127
Pages: 127
- Hacking Exposed Web Applications, Second Edition
- Back Cover
- About
- Foreword
- Introduction
- How This Book Is Organized
- Online Resources And Tools
- A Final Word To Our Readers
- Chapter 1: Hacking Web Apps 101
- Resources
- References And Further Reading
- Summary
- How Are Web APPS Attacked?
- Who, When, And Where?
- Why Attack Web Applications?
- Chapter 2: Profiling
- Infrastructure Profiling
- References And Further Reading
- Summary
- General Countermeasures
- Application Profiling
- Chapter 3: Hacking Web Platforms
- Point-And-Click Exploitation Using Metasploit
- References And Further Reading
- Summary
- Web Platform Security Best Practices
- Evading Detection
- Manual Exploitation
- Chapter 4: Web Authentication Attacking
- Bypassing Authentication
- Some Final Thoughts: Identity Theft
- Summary
- References And Further Reading
- Chapter 5: Attacking Web Authorization
- Fingerprinting Authz
- Attacking Acls
- Attacking Tokens
- Authorization Attack Case Studies
- Authorization Best Practices
- Summary
- References And Further Reading
- Chapter 6: Input Validation Attacks
- Expect The Unexpected
- Where To Find Attack Vectors
- Bypass Client-Side Validation Routines
- Common Input Validation Attacks
- Summary
- References And Further Reading
- Chapter 7: Attacking Web Datastores
- SQL Primer
- SQL Injection Discovery
- Exploit SQL Injection Vulnerabilities
- Other Datastore Attacks
- Summary
- Chapter 8: Attacking XML Web Services
- What Is A Web Service?
- Attacking Web Services
- Web Service Security Basics
- Summary
- References And Further Reading
- Chapter 9: Attacking Web Application Management
- Remote Server Management
- Web Content Management
- Admin Misconfigurations
- Developer-Driven Mistakes
- Summary
- References And Further Reading
- Chapter 10: Hacking Web Clients
- Exploits
- Trickery
- General Countermeasures
- Summary
- References And Further Reading
- Chapter 11: Denial-of-Service (DoS) Attacks
- Common Dos Attack Techniques
- General Dos Countermeasures
- Summary
- References And Further Reading
- Chapter 12: Full-Knowledge Analysis
- Threat Modeling
- Rank The Threats
- Code Review
- Security Testing Of Web App Code
- Security In The Web Development Process
- Summary
- References And Further Reading
- Chapter 13: Web Application Security Scanners
- Technology: Web App Security Scanners
- Nontechnical Issues
- Summary
- References And Further Reading
- Appendix A: Web Application Security Checklist
- Appendix B: Web Hacking Tools and Techniques Cribsheet
- Appendix C: URLScan and ModSecurity
- Urlscan
- Modsecurity
- Summary
- References And Further Reading
- Appendix D: About the Companion Web Site
- Index
- B
- C
- D
- E
- F
- G
- H
- I
- J
- K
- L
- M
- N
- O
- P
- Q
- R
- S
- T
- U
- V
- W
- X
- Z
- List of Figures
- List of Tables
HACKING EXPOSED WEB APPLICATIONS, 3rd Edition
ISBN: 0071740643
EAN: 2147483647
EAN: 2147483647
Year: 2006
Pages: 127
Pages: 127
- Special Outgoing Label Types
- BGP PE-CE Routing Protocol Overview, Configuration, and Verification
- Command Reference
- Case Study 3: Implementing Layer 2 VPNs over Inter-AS Topologies Using Layer 2 VPN Pseudo-Wire Switching
- Case Study 6: Implementing Class-Based Tunnel Selection with MPLS Traffic Engineering