Similar authors to follow
See more recommendations
About Mike Shema
Customers Also Bought Items By
How can an information security professional keep up with all of the hacks, attacks, and exploits on the Web? One way is to read Hacking Web Apps. The content for this book has been selected by author Mike Shema to make sure that we are covering the most vicious attacks out there. Not only does Mike let you in on the anatomy of these attacks, but he also tells you how to get rid of these worms, trojans, and botnets and how to defend against them in the future. Countermeasures are detailed so that you can fight against similar attacks as they evolve.
Attacks featured in this book include:
• SQL Injection
• Cross Site Scripting
• Logic Attacks
• Server Misconfigurations
• Predictable Pages
• Web of Distrust
• Breaking Authentication Schemes
• HTML5 Security Breaches
• Attacks on Mobile Apps
Even if you don’t develop web sites or write HTML, Hacking Web Apps can still help you learn how sites are attacked—as well as the best way to defend against these attacks. Plus, Hacking Web Apps gives you detailed steps to make the web browser – sometimes your last line of defense – more secure.
- More and more data, from finances to photos, is moving into web applications. How much can you trust that data to be accessible from a web browser anywhere and safe at the same time?
- Some of the most damaging hacks to a web site can be executed with nothing more than a web browser and a little knowledge of HTML.
- Learn about the most common threats and how to stop them, including HTML Injection, XSS, Cross Site Request Forgery, SQL Injection, Breaking Authentication Schemes, Logic Attacks, Web of Distrust, Browser Hacks and many more.
Defend against today's most devious attacks
Fully revised to include cutting-edge new tools for your security arsenal, Anti-Hacker Tool Kit, Fourth Edition reveals how to protect your network from a wide range of nefarious exploits. You'll get detailed explanations of each tool’s function along with best practices for configuration and implementation illustrated by code samples and up-to-date, real-world case studies. This new edition includes references to short videos that demonstrate several of the tools in action. Organized by category, this practical guide makes it easy to quickly find the solution you need to safeguard your system from the latest, most devastating hacks.
Demonstrates how to configure and use these and other essential tools:
- Virtual machines and emulators: Oracle VirtualBox, VMware Player, VirtualPC, Parallels, and open-source options
- Vulnerability scanners: OpenVAS, Metasploit
- File system monitors: AIDE, Samhain, Tripwire
- Windows auditing tools: Nbtstat, Cain, MBSA, PsTools
- Command-line networking tools: Netcat, Cryptcat, Ncat, Socat
- Port forwarders and redirectors: SSH, Datapipe, FPipe, WinRelay
- Port scanners: Nmap, THC-Amap
- Network sniffers and injectors: WinDump, Wireshark, ettercap, hping, kismet, aircrack, snort
- Network defenses: firewalls, packet filters, and intrusion detection systems
- War dialers: ToneLoc, THC-Scan, WarVOX
- Web application hacking utilities: Nikto, HTTP utilities, ZAP, Sqlmap
- Password cracking and brute-force tools: John the Ripper, L0phtCrack, HashCat, pwdump, THC-Hydra
- Forensic utilities: dd, Sleuth Kit, Autopsy, Security Onion
- Privacy tools: Ghostery, Tor, GnuPG, Truecrypt, Pidgin-OTR
Seven Deadliest Web Application Attacks highlights the vagaries of web security by discussing the seven deadliest vulnerabilities exploited by attackers. This book pinpoints the most dangerous hacks and exploits specific to web applications, laying out the anatomy of these attacks including how to make your system more secure. You will discover the best ways to defend against these vicious hacks with step-by-step instruction and learn techniques to make your computer and network impenetrable.
Each chapter presents examples of different attacks conducted against web sites. The methodology behind the attack is explored, showing its potential impact. The chapter then moves on to address possible countermeasures for different aspects of the attack. The book consists of seven chapters that cover the following: the most pervasive and easily exploited vulnerabilities in web sites and web browsers; Structured Query Language (SQL) injection attacks; mistakes of server administrators that expose the web site to attack; brute force attacks; and logic attacks. The ways in which malicious software malware has been growing as a threat on the Web are also considered.
This book is intended for information security professionals of all levels, as well as web application developers and recreational hackers.
- Knowledge is power, find out about the most dominant attacks currently waging war on computers and networks globally
- Discover the best ways to defend against these vicious attacks; step-by-step instruction shows you how
- Institute countermeasures, don’t be caught defenseless again, and learn techniques to make your computer and network impenetrable
- Completely revised to include the latest security tools, including wireless tools
- New tips on how to configure the recent tools on Linux, Windows, and Mac OSX
- New on the CD-ROM -- Gnoppix, a complete Linux system, ClamAV anti-virus, Cain, a multi-function hacking tool, Bluetooth tools, protocol scanners, forensic tools, and more
- New case studies in each chapter