Hacking Web Apps book cover

Browse books > Hacking Web Apps

Hacking Web Apps

Detecting and Preventing Web Application Security Problems

By
  • Mike Shema, Web Application Security Solutions, Qualys, Inc.

How can an information security professional keep up with all of the hacks, attacks, and exploits on the Web? One way is to read Hacking Web Apps. The content for this book has been selected by author Mike Shema to make sure that we are covering the most vicious attacks out there. Not only does Mike let you in on the anatomy of these attacks, but he also tells you how to get rid of these worms, trojans, and botnets and how to defend against them in the future. Countermeasures are detailed so that you can fight against similar attacks as they evolve.

Attacks featured in this book include:

• SQL Injection

• Cross Site Scripting

• Logic Attacks

• Server Misconfigurations

• Predictable Pages

• Web of Distrust

• Breaking Authentication Schemes

• HTML5 Security Breaches

• Attacks on Mobile Apps

Even if you don’t develop web sites or write HTML, Hacking Web Apps can still help you learn how sites are attacked-as well as the best way to defend against these attacks. Plus, Hacking Web Apps gives you detailed steps to make the web browser - sometimes your last line of defense - more secure.

Paperback, 296 Pages

Published: August 2012

Imprint: Syngress

ISBN: 978-1-59749-951-4

Reviews

  • "This book is equally valuable to technical security practitioners and less-technical security leaders alike.  I recommend anyone looking to develop their own web applications or defend against modern web application exploitation take advantage of Mike Shema’s expertise on this topic."

                                                                          -Doug Steelman, Chief Information Security Officer, Dell SecureWorks

    "Hacking Web Apps by Mike Shema introduces novice security practitioners to the most threatening exploits plaguing modern web applications.  The book covers more than the raw concepts, by bringing in other vulnerabilities and showing how the various exploits relate to one another; and it does so in human readable terms."

                                                                          -Robert Hansen, CEO of Falling Rock Networks and SecTheory Ltd.


Contents

  • Chapter 1 - Introduction

    Chapter 2 - Cross Site Scripting (XSS)

    Chapter 3 - Cross Site Request Forgery (CSRF)

    Chapter 4 - SQL Injection

    Chapter 5 - Server Misconfigurations and Predictable Pages

    Chapter 6 - Breaking Authentication Schemes

    Chapter 7 - Logic Attacks

    Chapter 8 - Web of Distrust

    Chapter 9 - HTML5 Security Breaches

Advertisement

advert image