This book is about Web Application Hacking. The world-renowned authors teach the reader to use publicly available tools to conduct thorough assessments of web application. This assessment process provides the reader with an understanding of Web application vulnerabilities and how they are exploited. The book goes on to teach the reader to detect, exploit, and ultimately prevent these vulnerabilities. Next, the authors cover advanced techniques of exploiting vulnerabilities such as SQL Injection, Arbitrary command injection, and more.
* Learn to defend Web-based applications developed with AJAX, SOAP, XMLPRC, and more. * See why Cross Site Scripting attacks can be so devastating. * Download working code from the companion Web site.
Table of Contents
Chapter 1: Introduction Chapter 2: Information Gathering Techniques Chapter 3: Common Input Validation Vulnerabilities Chapter 4: Application Logic Flaws and Common Coding Issues Chapter 5: Common Client Trust Issues Chapter 6: Server Side Validation Vulnerabilities in a Multi User Multi Role Environment Chapter 7: Session Management Vulnerabilities Chapter 8: Phishing Chapter 9: Client Side Security Chapter 10: Same Issues / New Technologies Chapter 11: Other Security Considerations