In this book, we aim to describe how to make a computer bend to your will by finding and exploiting vulnerabilities specifically in Web applications. We will describe common security issues in Web applications, tell you how to find them, describe how to exploit them, and then tell you how to fix them. We will also cover how and why some hackers (the bad guys) will try to exploit these vulnerabilities to achieve their own end. We will also try to explain how to detect if hackers are actively trying to exploit vulnerabilities in your own Web applications.

Key Features

· Learn to defend Web-based applications developed with AJAX, SOAP, XMLPRC, and more. · See why Cross Site Scripting attacks can be so devastating. · Download working code from the companion Web site.


This book is written for designers, developers, and testers of Web-based applications. These readers are intermediate to advanced and have working knowledge of all common programming languages used for developing Web-based applications including Java, JavaScript, AJAX, ColdFusion, Perl, ActiveX, and the various .net languages.

Table of Contents

Chapter 1: Introduction Chapter 2: Information Gathering Techniques Chapter 3: Common Input Validation Vulnerabilities Chapter 4: Application Logic Flaws and Common Coding Issues Chapter 5: Common Client Trust Issues Chapter 6: Server Side Validation Vulnerabilities in a Multi User Multi Role Environment Chapter 7: Session Management Vulnerabilities Chapter 8: Phishing Chapter 9: Client Side Security Chapter 10: Same Issues / New Technologies Chapter 11: Other Security Considerations


No. of pages:
© 2007
Print ISBN:
Electronic ISBN: