当前位置: 首页 > 资源下载 > Web开发 > 查看资源

资源分类
Web开发
Java
.NET
编程语言
数据库
软件工程
图形动画
系统管理
网络通信安全
计算机理论
考试认证
人文百科
文档手册
硬件技术
办公软件

Hacking Exposed Web 2.0

Hacking Exposed Web 2.0

书名:Hacking Exposed Web 2.0

上传:石头

时间:2009-09-09

文件大小:3.98 MB

资源出处:查看资源出处 >>

收藏到网摘: n/a



作者:Rich Cannings, Himanshu Dwivedi, Zane Lackey, Alex Stamos, Chris Clark, Jesse Burns
副书名:Web 2.0 Security Secrets and Solutions
出版日期:December 17, 2007
出版社:McGraw-Hill
页数:258
ISBN:ISBN-10: 0071494618 ISBN-13: 978-0071494618
文件格式:PDF


Lock down next-generation Web services
“This book concisely identifies the types of attacks which are faceddaily by Web 2.0 sites, and the authors give solid, practical advice onhow to identify and mitigate these threats.” –Max Kelly, CISSP, CIPP,CFCE, Senior Director of Security, Facebook
Protect your Web 2.0 architecture against the latest wave ofcybercrime using expert tactics from Internet security professionals. Hacking Exposed Web 2.0shows how hackers perform reconnaissance, choose their entry point, andattack Web 2.0-based services, and reveals detailed countermeasures anddefense techniques. You’ll learn how to avoid injection and bufferoverflow attacks, fix browser and plug-in flaws, and secure AJAX,Flash, and XML-driven applications. Real-world case studies illustratesocial networking site weaknesses, cross-site attack methods, migrationvulnerabilities, and IE7 shortcomings.
Plug security holes in Web 2.0 implementations the proven Hacking Exposed wayLearn how hackers target and abuse vulnerable Web 2.0 applications,browsers, plug-ins, online databases, user inputs, and HTML formsPrevent Web 2.0-based SQL, XPath, XQuery, LDAP, and command injection attacksCircumvent XXE, directory traversal, and buffer overflow exploitsLearn XSS and Cross-Site Request Forgery methods attackers use to bypass browser security controlsFix vulnerabilities in Outlook Express and Acrobat Reader add-onsUse input validators and XML classes to reinforce ASP and .NET securityEliminate unintentional exposures in ASP.NET AJAX (Atlas), Direct Web Remoting, Sajax, and GWT Web applicationsMitigate ActiveX security exposures using SiteLock, code signing, and secure controlsFind and fix Adobe Flash vulnerabilities and DNS rebinding attacks
About the Author
Rich Cannings is a senior information security engineer at Google.
Himanshu Dwivedi is a founding partner of iSEC Partners, an information security organization, and the author of several security books.
Zane Lackey is a senior security consultant with iSEC Partners.
Tags:ExposedhackingWeb


相关书籍

  • Always Be Testing: The Complete Guide to Google Website Optimizer (PDF英文版)
  • Always Be Testing: The Complete Guide to Google Website Optimizer (PDF英文版)
  • 国内外Web 2.0资源总汇[DOC]
  • Beginning Web Programming with HTML, XHTML, and CSS, 2nd Edition (PDF英文版)
  • Eclipse Rich Ajax Platform: Bringing Rich Client to the Web

评论 (3) 1 All

登陆 | 还没注册?