Sams Teach Youself Serials
Powered by MaxBlogPress  
Top
Browse > Home / Computer IT / The Web Application Hacker’s Handbook: Discovering and Exploiting Security Flaws

The Web Application Hacker’s Handbook: Discovering and Exploiting Security Flaws

Tags:, , , , ; 819 views

The Application ’s : Discovering and Exploiting Flaws
by Dafydd Stuttard, Marcus Pinto

  • Paperback: 736 pages
  • Publisher: (October 22, 2007)
  • Language: English
  • ISBN-10: 0470170778
  • ISBN-13: 978-0470170779

Book Description

The Web Application Hacker's Handbook: Discovering and Exploiting Security Flaws
This book is a practical guide to discovering and exploiting flaws in applications. The authors explain each category of vulnerability using real-world examples, screen shots and code extracts. The book is extremely practical in focus, and describes in detail the steps involved in detecting and exploiting each kind of weakness found within a variety of applications such as online banking, e-commerce and other applications. The topics covered include bypassing login mechanisms, injecting code, exploiting logic flaws and compromising other users. Because every application is different, attacking them entails bringing to bear various general principles, techniques and experience in an imaginative way. The most successful hackers go beyond this, and find ways to automate their bespoke attacks. This describes a proven methodology that combines the virtues of human intelligence and computerized brute force, often with devastating results.

The authors are professional penetration testers who have been involved in application for nearly a decade. They have presented training courses at the Black Hat conferences throughout the world. Under the alias “PortSwigger”, Dafydd developed the popular Burp Suite of application hack tools.

Table of Contents

Introduction.

Introduction to Applications.

Application Structure.

Application Technologies.

Mapping the Application.

Bypassing Client-Side Controls.

Attacking Authentication.

Attacking Session Management.

Attacking Access Controls.

Injecting Code.

Path Traversal Vulnerabilities.

Logic Flaws.

Attacking Other Users.

Automating Bespoke Attacks.

Gathering Information.

Classic Software Vulnerabilities.

Vulnerabilities in Application Architecture.

Server Vulnerabilities.

Finding Vulnerabilities in Source Code.

A Application ’s Toolkit.

A Application ’s Methodology.

Index.

Download Download Links: Link1

Tags:, , , ,
Popularity: 68% [?]
Help us to buy a hostmonster hosting, Thank you! ($6.95/month)

We don't host these ebooks! This is only a index of ebooks. If you don't want this ebook to post here, please contact us! We'll remove it.


Related Books

I'm making money from:


Payment Proof!

Comments

Download links broken?





If you don't want this book to be posted here, please contact us.

*
To prove you're a person (not a spam script), type the security word shown in the picture. Click on the picture to hear an audio file of the word.
Click to hear an audio file of the anti-spam word

Random Books

Most Viewed

Recent Comments

Bottom