
HackNotes(tm) Web Security Pocket Reference 1st Edition

6 customer reviews
ISBN-13: 978-0072227840
ISBN-10: 0072227842

Editorial Reviews

From the Back Cover

HackNotes Web Security Portable Reference describes the hacks and vulnerabilities threatening today's Web applications, then provides the defenses necessary to counteract and destroy threats of all manner. Determine whether a vulnerability exists, then attack and overcome application weaknesses through a series of tested and trusted anti-hacking methods, bullet-proof best practices, and code-level techniques. Use the unique Reference Center in the middle of the book to access security commands, input validation checklists, tables for alternate encoding schemes, online resources, SQL injection hints, application testing methodologies, and more.

  • Find critical information in seconds with special 32-page Reference Center insert.
  • Configure a secure Web server and develop secure Web applications.
  • Learn and understand application scouring and penetration methodologies.
  • Protect application data from unauthorized access.
  • Create hardened policies, applications, and services.
  • Track evidence of application attacks in Web server log files.
  • Block platform and Web application vulnerabilities.
  • Learn the tools available to handle session hijacking, SQL injection, and more.
  • Eliminate common programming pitfalls in ASP, PHP, Java, and Perl.
  • Identify Web-based attacks with thorough log analysis.

About the Author

Mike Shema is the CSO of NT Objectives and has made web application security presentations at numerous security conferences. He has conducted security reviews for a wide variety of web technologies and developed training material for application security courses. He is also a co-author of Anti-Hacker Toolkit.



Product Details

  • Series: Hacknotes
  • Paperback: 240 pages
  • Publisher: McGraw-Hill Osborne Media; 1 edition (June 30, 2003)
  • Language: English
  • ISBN-10: 0072227842
  • ISBN-13: 978-0072227840
  • Product Dimensions: 5.9 x 0.5 x 8.9 inches
  • Shipping Weight: 0.8 ounces
  • Average Customer Review: 4.3 out of 5 stars (6 customer reviews)
  • Amazon Best Sellers Rank: #611,067 in Books

More About the Author

Mike Shema writes software to automate security testing for web applications, but that's for work. For fun he writes books and blog posts about information security, with an infusion of references to music (80's), sci-fi (apocalyptic), and horror (spooky) to keep the topics entertaining. He has taught hacking classes and presented research at security conferences around the world.

Customer Reviews

Most Helpful Customer Reviews

10 of 10 people found the following review helpful By Dr Anton Chuvakin on November 3, 2003
Format: Paperback
Just as the network security Hacknote (the first in the series), this one delivers what it promises. The book provides a nice, well-written, fairly comprehensive review of web application security.
It also manages to balance attacks and defenses, technology and methodology, tools and concepts, breadth and depth (as appropriate for the 180 page book). The book is very useful as a refresher or to move one step further in web security for a busy security professional who already knows the basics. The book obviously won't make you an expert (as likely no book will) and likely won't reveal any novel attacks to "hardened" web security types.
I liked the book, since it came in handy when I needed to look up some web security items. The information is available elsewhere, but it was present in this book in a well-packaged form. Hacknotes also contains a nice "reference center" with the summary of web hacking methodology as well as some tricks to try while doing the testing/attacking.
Anton Chuvakin, Ph.D., GCIA, GCIH is a Senior Security Analyst with a major information security company. His areas of infosec expertise include intrusion detection, UNIX security, forensics, honeypots, etc. In his spare time, he maintains his security portal
2 of 2 people found the following review helpful By Kevin Beaver on October 13, 2005
Format: Paperback
This is a great book that introduces the core concepts of web application security for both security professionals and software developers. More security books should be written in this spare the details and cut to the chase format. It's high-level enough for beginners yet contains meat that techies and security veterans can benefit from. This book should be on the bookshelf of anyone wanting to learn the essentials of web application security.
1 of 1 people found the following review helpful By Anthony Lai Cheuk Tung on January 1, 2006
Format: Paperback
In the last two months, I conducted a web application security course for professionals and I started to collect relevant course content. A pentest professional recommended that I read this book because it provides many useful tools and explanations of vulnerability exploits and defenses.

In particular, there is a section about Secure Programming; even though it is brief, it could cover security reminders for various essential components, including database, web server, OS, etc., within the web application infrastructure. In addition, it mentioned three current web application languages - Java, PHP and ASP.

The contents of the reference center are very useful to developers, system/security administrators and auditors. Furthermore, the assessment checklist gives us a start to test the application.

At least, this book provides a starting point for people to go further.