Seven Deadliest Web Application Attacks

Do you need to keep up with the latest hacks, attacks, and exploits affecting web applications? Then you need Seven Deadliest Web Application Attacks. This book pinpoints the most dangerous hacks and exploits specific to web applications, laying out the anatomy of these attacks, including how to make your system more secure. You will discover the best ways to defend against these vicious hacks with step-by-step instruction and learn techniques to make your computer and network impenetrable.

Attacks detailed in this book include:

  1. Cross-Site Scripting (XSS)
  2. Cross-Site Request Forgery (CSRF)
  3. SQL Injection
  4. Server Misconfiguration and Predictable Pages
  5. Breaking Authentication Schemes
  6. Logic Attacks
  7. Malware and Browser Attacks

Audience

Information security professionals of all levels; web application developers; recreational hackers

Paperback, 192 Pages

Published: March 2010

Imprint: Syngress

ISBN: 978-1-59749-543-1

Reviews

  • "Author Mike Shema explains potential vulnerabilities and offers case studies based on actual attacks, looking at the topic from a forensic perspective to devise proper preventive measures. This is where the series will endear itself to Web application developers and to security professionals in particular…. This set of books assumes some basic familiarity with the Web. It should, however, appeal to all security professionals, from top-level executives and IT experts to the lowest rung of managers."--Security Management

  • "For the reader engaged in professional testing of this type the explanation of the issues and mitigation strategies will provide an ideal starting point for educating and advising clients.… For any reader looking for a sound basic introduction to web application security testing without wanting to spend too much this book can be recommended as an ideal place to start."--BCS British Computer Society


Contents

  • Introduction

  • Chapter 1: Cross-Site Scripting (XSS)

  • Chapter 2: Cross-Site Request Forgery (CSRF)

  • Chapter 3: SQL Injection

  • Chapter 4: Server Misconfiguration and Predictable Pages

  • Chapter 5: Breaking Authentication Schemes

  • Chapter 6: Logic Attacks

  • Chapter 7: Web of Distrust
