
Hacking Exposed Web Applications, Third Edition 3rd Edition

8 customer reviews
ISBN-13: 978-0071740647
ISBN-10: 0071740643
Editorial Reviews

About the Author

Joel Scambray, CISSP, is co-founder and CEO of Consciere, provider of strategic security advisory services. He has worked in Internet security assessment and defense for nearly 15 years at Microsoft, Foundstone, Ernst & Young, and other organizations. Joel is an internationally renowned speaker and author of multiple security books, including 12 editions in the Hacking Exposed series.

Vincent Liu, CISSP, is a managing partner at Stach & Liu. He previously led the Attack & Penetration and Reverse Engineering teams at Honeywell's Global Security group, was a consultant with the Ernst & Young Advanced Security Centers, and was an analyst at the National Security Agency. Vincent speaks at industry conferences, including Black Hat, ToorCon, and Microsoft's BlueHat.

Caleb Sima is CEO of Armorize Technologies, provider of integrated Web application security solutions. He founded SPI Dynamics, a Web security technology company, and was an early innovator at Internet Security Systems/IBM's elite X-Force team. Caleb presents at key industry conferences, such as RSA and Black Hat.


Product Details

  • Series: Hacking Exposed
  • Paperback: 482 pages
  • Publisher: McGraw-Hill Education; 3 edition (October 15, 2010)
  • Language: English
  • ISBN-10: 0071740643
  • ISBN-13: 978-0071740647
  • Product Dimensions: 7.3 x 0.9 x 9 inches
  • Shipping Weight: 2.1 pounds
  • Average Customer Review: 4.5 out of 5 stars (8 customer reviews)
  • Amazon Best Sellers Rank: #539,515 in Books


Customer Reviews

  • 5 star: 50%
  • 4 star: 50%
  • 3 star: 0%
  • 2 star: 0%
  • 1 star: 0%

Most Helpful Customer Reviews

21 of 21 people found the following review helpful By Richard Bejtlich on March 31, 2011
Format: Paperback
This is the third Hacking Exposed: Web Applications (HE:WA) book I've reviewed, having reviewed the second edition in 2006 and the first edition in 2002. While I gave the earlier editions each five stars, I don't think HE:WA3E quite meets my expectations of a five star web application security book -- at least not one bearing the Hacking Exposed (HE) series name.

In my opinion, the winning formula for a good HE book was set by the first in the series, back in 1999: 1) explain a technology of interest; 2) show exactly how to exploit it; 3) recommend countermeasures. For me, these three steps MUST be followed, and any book with HE in the title that fails to follow this recipe is likely to fall flat. The reason I like this approach is simple; in many cases, defenders first encounter a new technology only after a researcher or intruder has broken it! In other words, the offensive side is usually far ahead of the defensive side, because offenders often specialize in a promising new area and pursue it relentlessly until they break it. Good HE books help redress this imbalance by getting the defender up to speed on a new technology, showing how to break it, and then suggesting defensive measures.

I believe that while HE:WA3E adopts some of this approach, it seems to not be consistently applied. In fact, I'm wondering if the absence of Mike Shema from the author team could be the reason for this change. Mike's handiwork still appears as a legacy of using older material, but elsewhere I found myself missing the HE formula.

For example, ch 9 seems to diverge from the HE recipe. It also seemed "light" to me compared to the prevalence of client-side exploitation. When HE:WA2E arrived in 2006, client-side attacks had been popular for about three years.
1 of 1 people found the following review helpful By W. Vogt on December 9, 2013
Format: Paperback Verified Purchase
I learned more from this in an hour of sitting and flipping than I have from hours upon hours of searching the web for answers on similar topics. Extremely helpful book for those concerned with web security... covers topics that I've never heard others mention. Also, a lot of people online... specifically with say, PHP programming, will tell you some basic rule or procedure for verifying user input, but they don't explain fully the how and the why---it's like that all over the place---but this book does a very good job of explaining why the procedures and such in PHP or other languages are necessary, and in my case helped me to understand exactly why certain procedures should be employed. (Such as making sure user-submitted data is in the expected encoding, i.e. UTF8, etc.)
1 of 1 people found the following review helpful By A Guy on October 20, 2014
Format: Paperback Verified Purchase
Some of the content is outdated but for the most part it did what I needed it to. I was looking for an intro into Web app vulnerabilities as I begin taking on more responsibility in that at work. I do like the layout as it is easy to understand and it walks me through the use of the various tools well. You can write volumes on each chapter that this book covers so know that this is an overview and you will be happy with the money that you spent on it.
1 of 1 people found the following review helpful By amazonD on October 31, 2013
Format: Paperback Verified Purchase
I own every Hacking Exposed book ever printed that I am aware of. These are great sources for learning and structuring skills in many valuable situations. They are based on theory and have great examples when you would use the necessary solutions to achieve or overcome challenges.

They are Great Books!! ---That is my opinion!