Profits Run - Stock, Forex, Futures, Options Trading Methods & Systems

     

Books : The Web Application Hacker's Handbook: Discovering and Exploiting Security Flaws

In association with Amazon.com
  


List Price: $50.00
Amazon.com's Price: $31.50
You Save: $18.50 (37%)
Prices subject to change.



Availability: Usually ships in 24 hours



This item ships for FREE with Super Saver Shipping.
Binding: Paperback
Dewey Decimal Number: 005.8
EAN: 9780470170779
ISBN: 0470170778
Label: Wiley
Manufacturer: Wiley
Number Of Items: 1
Number Of Pages: 768
Publication Date: October 22, 2007
Publisher: Wiley
Sales Rank: 7736
Studio: Wiley





Editorial Review:

Product Description:
This book is a practical guide to discovering and exploiting security flaws in web applications. The authors explain each category of vulnerability using real-world examples, screen shots and code extracts. The book is extremely practical in focus, and describes in detail the steps involved in detecting and exploiting each kind of security weakness found within a variety of applications such as online banking, e-commerce and other web applications.

The topics covered include bypassing login mechanisms, injecting code, exploiting logic flaws and compromising other users. Because every web application is different, attacking them entails bringing to bear various general principles, techniques and experience in an imaginative way. The most successful hackers go beyond this, and find ways to automate their bespoke attacks. This handbook describes a proven methodology that combines the virtues of human intelligence and computerized brute force, often with devastating results.

The authors are professional penetration testers who have been involved in web application security for nearly a decade. They have presented training courses at the Black Hat security conferences throughout the world. Under the alias "PortSwigger", Dafydd developed the popular Burp Suite of web application hack tools.



Customer Reviews

Rating: 5 out of 5 stars - Good book
This was my first web application security book. I've been reading online blogs and web-sites about web security for a while, and I've been waiting for this book to come out. Because of the lack of web security books on the market. But I am impressed with this book. It covers just about everything and shows the reader how hackers exploit web applications in a multitude of ways. This will definitely help me secure my own websites and I'm already practicing a lot of what I've learned in this book ...



Rating: 5 out of 5 stars - More than just words!
This is an excellent book. Many books of this nature leave you wanting. They talk in complicated jargon, excite you about learning new concepts, and then leave you hanging with no real application of what you are learning. This is not the case with this book.

This book is excellent for both the beginner and the advanced! Plenty of real examples! Walks the beginner through the concepts of foot printing. It explains the technologies and then for the advanced it talks about creating custom ...



Rating: 5 out of 5 stars - A Truly Excellent Resource for any Professional Web Hacker!
If you do any type of professional Web Application Assessments then this is your bible. I have read many books on web app assessments and perform many Web Application Assessments for many large companies and government agencies and this is an excellent resource. I use Dafydd's Burp Suite and I can not say enough about it. If you are serious about Web Application security then this is a must read. Thanks to Dafydd and Marcus for a great book.

Kevin



Rating: 5 out of 5 stars - An excellent thorough resource for web application security
This is a great read for anyone interested in the security of modern web applications. It covers the hacking process from mapping the attack surface to exploiting input validation, access control, session management, and authentication vulnerabilities using real-world examples and diagrams. There is an in-depth 100pg chapter on injecting code (e.g. SQL, OS, script, etc injection) and a 95pg chapter on attacking other users (e.g. XSS, request forgery, etc attacks). There is information about bypassing common ...



Rating: 5 out of 5 stars - Everything You Need to Know
This is the most important IT security title written in the past year or more. Why? Custom web applications offer more opportunities for exploitation than all of the publicized vulnerabilities you hear about combined. This book gives expert treatment to the subject. I found the writing to be very clear and concise in this 727 page volume. There is minimal fluff. While everything is clearly explained, this is not a beginner's book. The authors assume that you can read html, JavaScript, etc... Usually ...





Copyright © 2001 - 2009 Profits Run, Inc. All rights reserved.