Popular Posts
-
Dưới đấy là danh sách các diễn đàn công nghệ (IT) lớn nhất tại Việt Nam cho phép bạn đăng tin Rao Vặt để quảng cáo sản phẩm, thương hiệu cũn... -
Beautiful 404 Error Pages Cut & Taste Cut & Taste claims that “Someone on the staff is to blame for this! Rest assured, the proper p...
-
YouJoomla Joomla! Club Template Template Name: YouBistro | Live Demo | For Joomla 1.5.x This time we would like to try a new concept. R... -
hotfile.com | megaupload.com | depositfiles.com | rapidshare.com ext: .zip size: 4 1,6 MB Description: "Black & White, a r...
-
Link down: http://www.4shared.com/office/F-uHwS...TU_KY_THU.html
-
Chào các bạn, sau một thời gian tìm kiếm phần mềm gỡ pass file Word-Excel, tui đã tìm được phần mềm này, rất hiệu quả. Gỡ bỏ mật khẩu trên... -
Các máy để bàn và máy chủ sẽ được bảo mật trực tiếp từ trong vi xử lý thay vì dùng các phần mềm chạy trên một hệ điều hành nếu việc hợp tác ...
-
Angels vs Devils (PCGame/ENG/2004) ENG | PC | 2004 | 685MB Genre: Action, Fantasy Shooter This 3D action game will see you pitting the force...
-
Ngày nay, mạng không dây đã trở nên khá phổ biến. Không chỉ ở các tổ chức và doanh nghiệp, mạng không dây còn được triển khai ở phần lớn các...
-
Công nghệ mới từ IBM được thiết kế nhằm ngăn chặn thư rác bằng việc phân biệt vùng nó xuất phát, có thể giúp cho phát hiện các Scam trực tuy...
Hacking Exposed Web 2.0: Web 2.0 Security Secrets and Solutions
Thứ Hai, 17 tháng 5, 2010
Product Description
Lock down next-generation Web services
"This book concisely identifies the types of attacks which are faced daily by Web 2.0 sites, and the authors give solid, practical advice on how to identify and mitigate these threats." --Max Kelly, CISSP, CIPP, CFCE, Senior Director of Security, Facebook
Protect your Web 2.0 architecture against the latest wave of cybercrime using expert tactics from Internet security professionals. Hacking Exposed Web 2.0 shows how hackers perform reconnaissance, choose their entry point, and attack Web 2.0-based services, and reveals detailed countermeasures and defense techniques. You'll learn how to avoid injection and buffer overflow attacks, fix browser and plug-in flaws, and secure AJAX, Flash, and XML-driven applications. Real-world case studies illustrate social networking site weaknesses, cross-site attack methods, migration vulnerabilities, and IE7 shortcomings.
"This book concisely identifies the types of attacks which are faced daily by Web 2.0 sites, and the authors give solid, practical advice on how to identify and mitigate these threats." --Max Kelly, CISSP, CIPP, CFCE, Senior Director of Security, Facebook
Protect your Web 2.0 architecture against the latest wave of cybercrime using expert tactics from Internet security professionals. Hacking Exposed Web 2.0 shows how hackers perform reconnaissance, choose their entry point, and attack Web 2.0-based services, and reveals detailed countermeasures and defense techniques. You'll learn how to avoid injection and buffer overflow attacks, fix browser and plug-in flaws, and secure AJAX, Flash, and XML-driven applications. Real-world case studies illustrate social networking site weaknesses, cross-site attack methods, migration vulnerabilities, and IE7 shortcomings.
- Plug security holes in Web 2.0 implementations the proven Hacking Exposed way
- Learn how hackers target and abuse vulnerable Web 2.0 applications, browsers, plug-ins, online databases, user inputs, and HTML forms
- Prevent Web 2.0-based SQL, XPath, XQuery, LDAP, and command injection attacks
- Circumvent XXE, directory traversal, and buffer overflow exploits
- Learn XSS and Cross-Site Request Forgery methods attackers use to bypass browser security controls
- Fix vulnerabilities in Outlook Express and Acrobat Reader add-ons
- Use input validators and XML classes to reinforce ASP and .NET security
- Eliminate unintentional exposures in ASP.NET AJAX (Atlas), Direct Web Remoting, Sajax, and GWT Web applications
- Mitigate ActiveX security exposures using SiteLock, code signing, and secure controls
- Find and fix Adobe Flash vulnerabilities and DNS rebinding attacks
About the Author
Rich Cannings is a senior information security engineer at Google.
Himanshu Dwivedi is a founding partner of iSEC Partners, an information security organization, and the author of several security books.
Zane Lackey is a senior security consultant with iSEC Partners.
Himanshu Dwivedi is a founding partner of iSEC Partners, an information security organization, and the author of several security books.
Zane Lackey is a senior security consultant with iSEC Partners.
Download here:
Comments[ 0 ]
Đăng nhận xét