Hacking Exposed Web Applications

Implement bulletproof e-business security the proven Hacking Exposed way Defend against the latest Web-based attacks by looking at your Web applications through the eyes of a malicious intruder. Fully revised and updated to cover the latest Web exploitation techniques, Hacking Exposed Web Applications, Second Edition shows you, step-by-step, how cyber-criminals target vulnerable sites, gain access, steal critical data, and execute devastating attacks. All of the cutting-edge threats and vulnerabilities are covered in full detail alongside real-world examples, case studies, and battle-tested countermeasures from the authors'experiences as gray hat security professionals. bull; bull;Find out how hackers use infrastructure and application profiling to perform reconnaissance and enter vulnerable systems bull;Get details on exploits, evasion techniques, and countermeasures for the most popular Web platforms, including IIS, Apache, PHP, and ASP.NET bull; Learn the strengths and weaknesses of common Web authentication mechanisms, including password-based, multifactor, and single sign-on mechanisms like Passport bull;See how to excise the heart of any Web application's access controls through advanced session analysis, hijacking, and fixation techniques bull;Find and fix input validation flaws, including cross-site scripting (XSS), SQL injection, HTTP response splitting, encoding, and special character abuse bull;Get an in-depth presentation of the newest SQL injection techniques, including blind attacks, advanced exploitation through subqueries, Oracle exploits, and improved countermeasures bull;Learn about the latest XML Web Services hacks, Web management attacks, and DDoS attacks, including click fraud bull;Tour Firefox and IE exploits, as well as the newest socially-driven client attacks like phishing and adwareScambray, Joel is the author of 'Hacking Exposed Web Applications', published 2006 under ISBN 9780072262995 and ISBN 0072262990.