Hacking Exposed: Web Applications, 3rd Edition By Joel Scambray, Vincent Liu, Caleb Sima MG-H, 3rd Edition 2011 | 482 Pages | ISBN: 0071740643 | PDF | 7 MB
The latest Web app attacks and countermeasures from world-renowned practitioners Protect your Web applications from malicious attacks by mastering the weapons and thought processes of today's hacker. Written by recognized security practitioners and thought leaders, Hacking Exposed Web Applications, Third Edition is fully updated to cover new infiltration methods and countermeasures. Find out how to reinforce authentication and authorization, plug holes in Firefox and IE, reinforce against injection attacks, and secure Web 2.0 features. Integrating security into the Web development lifecycle (SDL) and into the broader enterprise information security program is also covered in this comprehensive resource.
* Get full details on the hacker's footprinting, scanning, and profiling tools, including SHODAN, Maltego, and OWASP DirBuster * See new exploits of popular platforms like Sun Java System Web Server and Oracle WebLogic in operation * Understand how attackers defeat commonly used Web authentication technologies * See how real-world session attacks leak sensitive data and how to fortify your applications * Learn the most devastating methods used in today's hacks, including SQL injection, XSS, XSRF, phishing, and XML injection techniques * Find and fix vulnerabilities in ASP.NET, PHP, and J2EE execution environments * Safety deploy XML, social networking, cloud computing, and Web 2.0 services * Defend against RIA, Ajax, UGC, and browser-based, client-side exploits * Implement scalable threat modeling, code review, application scanning, fuzzing, and security testing procedures
------------------------------------------------------------------------------------------------------------------------------------
Hacking Exposed: Network Security Secrets and Solutions
Publisher: McGraw-Hill Osborne Media | ISBN: 0071613749 | edition 2009 | PDF | 720 pages | 14,8 mb
Meet the formidable demands of security in today's hyperconnected world with expert guidance from the world-renowned Hacking Exposed team. Following the time-tested "attack-countermeasure" philosophy, this 10th anniversary edition has been fully overhauled to cover the latest insidious weapons in the hacker's extensive arsenal. New and updated material:
- New chapter on hacking hardware, including lock bumping, access card cloning, RFID hacks, USB U3 exploits, and Bluetooth device hijacking
- Updated Windows attacks and countermeasures, including new Vista and Server 2008 vulnerabilities and Metasploit exploits
- The latest UNIX Trojan and rootkit techniques and dangling pointer and input validation exploits...
-------------------------------------------------------------------------------------------------------------------------------
SIZE 4.9 Mb
Number Of Pages: 400
Publication Date: 2010
ISBN-10 / ASIN: 0071591184
ISBN-13 / EAN: 9780071591188
Publisher:McGraw-Hill Osborne Media
"A harrowing guide to where the bad guys hide, and how you can find them." --Dan Kaminsky, Director of Penetration Testing, IOActive
"An amazing resource. It is timely, focused, and what we need to better understand and defend against one of the greatest cyber threats we face." --From the Foreword by Lance Spitzner, President of the Honeynet Project
Don't let another machine become a zombie in the malware army
Defend against the ongoing wave of malware and rootkit assaults the failsafe Hacking Exposed way. Real-world case studies and examples reveal how today's hackers use readily available tools to infiltrate and hijack systems. Step-by-step countermeasures provide proven prevention techniques. Find out how to detect and eliminate malicious embedded code, block pop-ups and websites, prevent keylogging, and terminate rootkits. The latest intrusion detection, firewall, honeynet, antivirus, anti-rootkit, and anti-spyware technologies are covered in detail.
• Understand how malware infects, survives, and propagates across an enterprise
• Learn how hackers use archivers, encryptors, and packers to obfuscate code
• Implement effective intrusion detection and prevention procedures
• Defend against keylogging, redirect, click fraud, and identity theft threats
• Detect, kill, and remove virtual, user-mode, and kernel-mode rootkits
• Prevent malicious website, phishing, client-side, and embedded-code exploits
• Protect hosts using the latest antivirus, pop-up blocker, and firewall software
• Identify and terminate malicious processes using HIPS and NIPS
-------------------------------------------------------------------------------------------------------------------------------------
This book concisely identifies the types of attacks which are faced daily by Web 2.0 sites, and the authors give solid, practical advice on how to identify and mitigate these threats." --Max Kelly, CISSP, CIPP, CFCE, Senior Director of Security, Facebook
• Plug security holes in Web 2.0 implementations the proven Hacking Exposed way
• Learn how hackers target and abuse vulnerable Web 2.0 applications, browsers, plug-ins, online databases, user inputs, and HTML forms
• Prevent Web 2.0-based SQL, XPath, XQuery, LDAP, and command injection attacks
• Circumvent XXE, directory traversal, and buffer overflow exploits
• Learn XSS and Cross-Site Request Forgery methods attackers use to bypass browser security controls
• Fix vulnerabilities in Outlook Express and Acrobat Reader add-ons
• Use input validators and XML classes to reinforce ASP and .NET security
• Eliminate unintentional exposures in ASP.NET AJAX (Atlas), Direct Web Remoting, Sajax, and GWT Web applications
• Mitigate ActiveX security exposures using SiteLock, code signing, and secure controls
• Find and fix Adobe Flash vulnerabilities and DNS rebinding attacks
0 comments:
Post a Comment