Flylib.com
HACKING EXPOSED WEB APPLICATIONS, 3rd Edition
HACKING EXPOSED WEB APPLICATIONS, 3rd Edition
ISBN: 0071740643
EAN: 2147483647
Year: 2006
Pages: 127
Authors:
Joel Scambray
,
Vincent Liu
,
Caleb Sima
BUY ON AMAZON
Hacking Exposed Web Applications, Second Edition
Back Cover
About
Foreword
Introduction
How This Book Is Organized
Online Resources And Tools
A Final Word To Our Readers
Chapter 1: Hacking Web Apps 101
Resources
References And Further Reading
Summary
How Are Web APPS Attacked?
Who, When, And Where?
Why Attack Web Applications?
Chapter 2: Profiling
Infrastructure Profiling
References And Further Reading
Summary
General Countermeasures
Application Profiling
Chapter 3: Hacking Web Platforms
Point-And-Click Exploitation Using Metasploit
References And Further Reading
Summary
Web Platform Security Best Practices
Evading Detection
Manual Exploitation
Chapter 4: Web Authentication Attacking
Bypassing Authentication
Some Final Thoughts: Identity Theft
Summary
References And Further Reading
Chapter 5: Attacking Web Authorization
Fingerprinting Authz
Attacking Acls
Attacking Tokens
Authorization Attack Case Studies
Authorization Best Practices
Summary
References And Further Reading
Chapter 6: Input Validation Attacks
Expect The Unexpected
Where To Find Attack Vectors
Bypass Client-Side Validation Routines
Common Input Validation Attacks
Summary
References And Further Reading
Chapter 7: Attacking Web Datastores
SQL Primer
SQL Injection Discovery
Exploit SQL Injection Vulnerabilities
Other Datastore Attacks
Summary
Chapter 8: Attacking XML Web Services
What Is A Web Service?
Attacking Web Services
Web Service Security Basics
Summary
References And Further Reading
Chapter 9: Attacking Web Application Management
Remote Server Management
Web Content Management
Admin Misconfigurations
Developer-Driven Mistakes
Summary
References And Further Reading
Chapter 10: Hacking Web Clients
Exploits
Trickery
General Countermeasures
Summary
References And Further Reading
Chapter 11: Denial-of-Service (DoS) Attacks
Common Dos Attack Techniques
General Dos Countermeasures
Summary
References And Further Reading
Chapter 12: Full-Knowledge Analysis
Threat Modeling
Rank The Threats
Code Review
Security Testing Of Web App Code
Security In The Web Development Process
Summary
References And Further Reading
Chapter 13: Web Application Security Scanners
Technology: Web App Security Scanners
Nontechnical Issues
Summary
References And Further Reading
Appendix A: Web Application Security Checklist
Appendix B: Web Hacking Tools and Techniques Cribsheet
Appendix C: URLScan and ModSecurity
Urlscan
Modsecurity
Summary
References And Further Reading
Appendix D: About the Companion Web Site
Index
B
C
D
E
F
G
H
I
J
K
L
M
N
O
P
Q
R
S
T
U
V
W
X
Z
List of Figures
List of Tables
HACKING EXPOSED WEB APPLICATIONS, 3rd Edition
ISBN: 0071740643
EAN: 2147483647
Year: 2006
Pages: 127
Authors:
Joel Scambray
,
Vincent Liu
,
Caleb Sima
BUY ON AMAZON
Snort Cookbook
Running Snort to Detect Intrusions
Logging Application Data
Installing and Configuring MySQL
Carrying Out Statistical Analysis
Generating Text-Based Log Analysis
Java for RPG Programmers, 2nd Edition
String Manipulation
Date And Time Manipulation
User Interface
Database Access
More Java
Cisco IOS in a Nutshell (In a Nutshell (OReilly))
Access Lists
Border Gateway Protocol
Sample Legacy DDR Configurations
Dialer Interfaces (Dialer Profiles)
Routine Security Measures
Microsoft Windows Server 2003(c) TCP/IP Protocols and Services (c) Technical Reference
Internet Protocol (IP) Routing
Transmission Control Protocol (TCP) Connections
Transmission Control Protocol (TCP) Data Flow
Dynamic Host Configuration Protocol (DHCP) Server Service
File and Printer Sharing
Logistics and Retail Management: Emerging Issues and New Challenges in the Retail Supply Chain
Retail Logistics: Changes and Challenges
Market Orientation and Supply Chain Management in the Fashion Industry
Logistics in Tesco: Past, Present and Future
Rethinking Efficient Replenishment in the Grocery Sector
The Development of E-tail Logistics
Oracle SQL*Plus: The Definitive Guide (Definitive Guides)
Executing Scripts
Resetting Your SQL*Plus Environment
Error Handling
Where to Find More Tuning Information
Section B.3. Formatting Dates
flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net
Privacy policy
This website uses cookies. Click
here
to find out more.
Accept cookies