The web application hacker's handbook: finding and exploiting security flaws - Second Edition
Author(s): Dafydd Stuttard, Marcus Pinto
Publisher: Wiley, Year: 2011
ISBN: 1118026470, 9781118026472, 1457123177, 9781457123177
The highly successful security book returns with a new edition, completely updated. Web applications are the front door to most organizations, exposing them to attacks that can disclose personal information, execute fraudulent transactions, or compromise ordinary users. This practical book has been completely updated and revised to discuss the newest step-by-step techniques for attacking and defending the range of ever-evolving web applications. You'll explore the various new technologies employed in web applications that have appeared since the first edition and review the new attack techniques that have been developed, particularly in relation to the client side.
• Reveals how to overcome the new technologies and techniques geared toward defending web applications against attacks that have appeared since the previous edition
• Discusses new remoting frameworks, HTML5, cross-domain integration techniques, UI redress, frame busting, HTTP parameter pollution, hybrid file attacks, and more
• Features a companion computer hosted by the authors that enables readers to try out the attacks described, gives answers to the questions that are posed at the top of every chapter, and provides a summarized methodology and checklist of tasks

Focusing on the areas of web application security where things have changed in recent years, this book is the most current resource on the critical topic of discovering, exploiting, and preventing web application security flaws.