HackNotes(tm) Web Security Pocket Reference Paperback – June 30, 2003

ISBN-13: 978-0072227840 ISBN-10: 0072227842 Edition: 1st

Product Details

  • Series: Hacknotes
  • Paperback: 240 pages
  • Publisher: McGraw-Hill Osborne Media; 1 edition (June 30, 2003)
  • Language: English
  • ISBN-10: 0072227842
  • ISBN-13: 978-0072227840
  • Product Dimensions: 8.8 x 6 x 0.3 inches
  • Shipping Weight: 0.8 ounces
  • Average Customer Review: 4.3 out of 5 stars (6 customer reviews)
  • Amazon Best Sellers Rank: #2,637,102 in Books

Editorial Reviews

From the Back Cover

HackNotes Web Security Portable Reference describes the hacks and vulnerabilities threatening today's Web applications, then provides the defenses necessary to counteract and destroy threats of all manner. Determine whether a vulnerability exists, then attack and overcome application weaknesses through a series of tested and trusted anti-hacking methods, bullet-proof best practices, and code-level techniques. Use the unique Reference Center in the middle of the book to access security commands, input validation checklists, tables for alternate encoding schemes, online resources, SQL injection hints, application testing methodologies, and more.

  • Find critical information in seconds with special 32-page Reference Center insert
  • Configure a secure Web server and develop secure Web applications
  • Learn and understand application scouring and penetration methodologies
  • Protect application data from unauthorized access
  • Create hardened policies, applications, and services
  • Track evidence of application attacks in Web server log files
  • Block platform and Web application vulnerabilities
  • Learn the tools available to handle session hijacking, SQL injection, and more
  • Eliminate common programming pitfalls in ASP, PHP, Java, and Perl
  • Identify Web-based attacks with thorough log analysis

About the Author

Mike Shema is the CSO of NT Objectives and has made web application security presentations at numerous security conferences. He has conducted security reviews for a wide variety of web technologies and developed training material for application security courses. He is also a co-author of Anti-Hacker Toolkit.

More About the Author

Mike Shema writes software to automate security testing for web applications, but that's for work. For fun he writes books and blog posts about information security, with an infusion of references to music (80's), sci-fi (apocalyptic), and horror (spooky) to keep the topics entertaining. He has taught hacking classes and presented research at security conferences around the world.

Customer Reviews

4.3 out of 5 stars

Most Helpful Customer Reviews

10 of 10 people found the following review helpful By Dr Anton Chuvakin on November 3, 2003
Format: Paperback
Just as the network security Hacknote (the first in the series), this one delivers what it promises. The book provides a nice well-written, fairly comprehensive review of web application security.
It also manages to balance attacks and defenses, technology and methodology, tools and concepts, breadth and depth (as appropriate for the 180 page book). The book is very useful as a refresher or to move one step further in web security for a busy security professional who already knows the basics. The book obviously won't make you an expert (as likely no book will) and likely won't reveal any novel attacks to "hardened" web security types.
I liked the book, since it came in handy when I needed to look up some web security items. The information is available elsewhere, but it was present in this book in a well-packaged form. Hacknotes also contains a nice "reference center" with the summary of web hacking methodology as well as some tricks to try while doing the testing/attacking.
Anton Chuvakin, Ph.D., GCIA, GCIH is a Senior Security Analyst with a major information security company. His areas of infosec expertise include intrusion detection, UNIX security, forensics, honeypots, etc. In his spare time, he maintains his security portal info-secure.org
2 of 2 people found the following review helpful By Kevin Beaver on October 13, 2005
Format: Paperback
This is a great book that introduces the core concepts of web application security for both security professionals and software developers. More security books should be written in this spare the details and cut to the chase format. It's high-level enough for beginners yet contains meat that techies and security veterans can benefit from. This book should be on the bookshelf of anyone wanting to learn the essentials of web application security.
1 of 1 people found the following review helpful By Anthony Lai Cheuk Tung on January 1, 2006
Format: Paperback
In the last two months, I conducted a web application security course for professionals and I started to collect relevant course content. A pentest professional recommended that I read this book because it provides many useful tools and explanations of vulnerability exploits and defenses.

In particular, there is a section about Secure Programming; even though it is brief, it covers security reminders for various essential components, including the database, web server, OS, etc., within the web application infrastructure. In addition, it mentions three current web application languages - Java, PHP and ASP.

The contents of the reference center are very useful to developers, system/security administrators and auditors. Furthermore, the assessment checklist gives us a start to test the application.

At the very least, this book provides a starting point for people to go further.