- Регистрация
- 27 Авг 2018
- Сообщения
- 37,358
- Реакции
- 524,619
- Тема Автор Вы автор данного материала? |
- #1
In today's world of pervasive Internet connectivity and rapidly evolving Web technology, online security is as critical as it is challenging. With the enhanced availability of information and services online and Web-based attacks and break-ins on the rise, security risks are at an all time high. Hacking Exposed Web Applications shows you, step-by-step, how to defend against the latest Web-based attacks by understanding the hacker's devious methods and thought processes. Discover how intruders gather information, acquire targets, identify weak spots, gain control, and cover their tracks. You'll get in-depth coverage of real-world hacks-both simple and sophisticated-and detailed countermeasures to protect against them.
What you'll learn:
- The proven Hacking Exposed methodology to locate, exploit, and patch vulnerable platforms and applications
- How attackers identify potential weaknesses in Web application components
- What devastating vulnerabilities exist within Web server platforms such as Apache, Microsoft's Internet Information Server (IIS), Netscape Enterprise Server, J2EE, ASP.NET, and more
- How to survey Web applications for potential vulnerabilities -including checking directory structures, helper files, Java classes and applets, HTML comments, forms, and query strings
- Attack methods against authentication and session management features such as cookies, hidden tags, and session identifiers
- Most common input validation attacks-crafted input, command execution characters, and buffer overflows
- Countermeasures for SQL injection attacks such as robust error handling, custom stored procedures, and proper database configuration
- XML Web services vulnerabilities and best practices
- Tools and techniques used to hack Web clients-including cross-site scripting, active content attacks and cookie manipulation
- Valuable checklists and tips on hardening Web applications and clients based on the authors' consulting experiences
