|
|
Hacking Exposed Web ApplicationsStock informationGeneral Fields
Special Fields
DescriptionProvides comprehensive coverage of Web application security issues. Author descriptionJoel Scambray (Lafayette, CA) is a Manager in the Information Systems Audit and Advisory Services practice of Ernst & Young. Joel has over five years experience working with a variety of computer and communications technologies from both an operational and strategic standpoint--ranging from Director of IS for a major commercial real estate firm to Technology Analyst for Info World Magazine. Table of contentsPart I: Reconnaissance 1: Introduction to Web Applications and Security 2: Profiling 3: Hacking Web Servers 4: Surveying the Application Part II: The Attack 5: Authentication 6: Authorization 7: Attacking Session State Management 8: Input Validation Attacks 9: Attacking Web Datastores 10: Attacking Web Services 11: Hacking Web Application Management 12: Web Client Hacking 13: Case Studies Part III: Appendixes A: Web Site Security Checklist B: Web Hacking Tools and Techniques Cribsheet C: Using Libwhisker D: UrlScan Installation and Configuration E: About the Companion Web Site |