找回密码
 注册
搜索
热搜: java php web
查看: 770|回复: 1

The Web Application Hacker’s Handbook: Discovering and Exploiting Security Flaws

[复制链接]
发表于 2009-12-21 20:31:18 | 显示全部楼层 |阅读模式
本帖最后由 石头 于 2009-12-21 20:33 编辑



作者:Dafydd Stuttard, Marcus Pinto
出版日期:October 22, 2007
出版社:Wiley Publishing
页数:768
ISBN:ISBN-10: 0470170778 ISBN-13: 978-0470170779
文件格式:PDF

Review
“If you have an interest in web application security, I would highlyrecommend picking up a copy of this book, especially if you’reinterested in being able to audit applications for vulnerabilities”.
Robert Wesley McGrew, McGrew Security
Product Description
This book is a practical guide to discovering and exploiting securityflaws in web applications. The authors explain each category ofvulnerability using real-world examples, screen shots and codeextracts. The book is extremely practical in focus, and describes indetail the steps involved in detecting and exploiting each kind ofsecurity weakness found within a variety of applications such as onlinebanking, e-commerce and other web applications.
The topics covered include bypassing login mechanisms, injectingcode, exploiting logic flaws and compromising other users. Becauseevery web application is different, attacking them entails bringing tobear various general principles, techniques and experience in animaginative way. The most successful hackers go beyond this, and findways to automate their bespoke attacks. This handbook describes aproven methodology that combines the virtues of human intelligence andcomputerized brute force, often with devastating results.
The authors are professional penetration testers who have beeninvolved in web application security for nearly a decade. They havepresented training courses at the Black Hat security conferencesthroughout the world. Under the alias “PortSwigger”, Dafydd developedthe popular Burp Suite of web application hack tools.

本帖子中包含更多资源

您需要 登录 才可以下载或查看,没有账号?注册

×
您需要登录后才可以回帖 登录 | 注册

本版积分规则

Archiver|手机版|小黑屋|软晨网(RuanChen.com)

GMT+8, 2024-11-22 23:35

Powered by Discuz! X3.5

Copyright © 2001-2023 Tencent Cloud.

快速回复 返回顶部 返回列表