backend access points, 60
banner grabbing, 29-30
  See also fingerprinting
Basic authentication, 130-132
BEA WebLogic Remote Administration exploit, 85-89
  countermeasure, 89-90
best practices
  ACL, 200-202
  authorization, 199-206
  PHP, 115-117
  security checklist, 466-470
  web platform security, 102-117
binary analysis, 414
  debugging, 417-420
  example, 416-417
  role of in full-knowledge reviews, 415-416
  techniques, 420-423
  tools, 475
browser extensions, 12
  advantages, 13
  Firefox, 14-17
  Internet Explorer, 13-14
Browser Helper Object (BHO), 352
browsers, 12-13, 472
  low-privilege browsing, 359-360
  offline, 161
brute-force attacks, 127, 182-183
Brutus, 126-128
  and forms-based attacks, 136, 137
buffer overflow attacks, 213-215
  FrontPage VSRAD buffer overflow, 300-301
Burp Intruder, 21-22
  See also HTTP proxies
bypassing authentication, token replay, 147-148