The Web Application Hacker's Handbook 黑客攻防技术宝典:Web实战篇

Thehighlysuccessfulsecuritybookreturnswithanewedition,completelyupdatedWebapplicationsarethefrontdoortomostorganizations,exposingthemtoattacksthatmaydisclosepersonalinformation,executefraudulenttransactions,orcompromiseordinaryusers.Thispracticalbookhasbeencompletelyupdatedandrevisedtodiscussthelateststep-by-steptechniquesforattackinganddefendingtherangeofever-evolvingwebapplications.You'llexplorethevariousnewtechnologiesemployedinwebapplicationsthathaveappearedsincethefirsteditionandreviewthenewattacktechniquesthathavebeendeveloped,particularlyinrelationtotheclientside.RevealshowtoovercomethenewtechnologiesandtechniquesaimedatdefendingwebapplicationsagainstattacksthathaveappearedsincethepreviouseditionDiscussesnewremotingframeworks,HTML5,cross-domainintegrationtechniques,UIredress,framebusting,HTTPparameterpollution,hybridfileattacks,andmoreFeaturesacompanionwebsitehostedbytheauthorsthatallowsreaderstotryouttheattacksdescribed,givesanswerstothequestionsthatareposedattheendofeachchapter,andprovidesasummarizedmethodologyandchecklistoftasksFocusingontheareasofwebapplicationsecuritywherethingshavechangedinrecentyears,thisbookisthemostcurrentresourceonthecriticaltopicofdiscovering,exploiting,andpreventingwebapplicationsecurityflaws.