Hacking Exposed Web 2.0: Web 2.0 Security Secrets and Solutions

3.76 avg rating
( 17 ratings by GoodReads )
 
9780071494618: Hacking Exposed Web 2.0: Web 2.0 Security Secrets and Solutions

Lock down next-generation Web services

"This book concisely identifies the types of attacks which are faced daily by Web 2.0 sites, and the authors give solid, practical advice on how to identify and mitigate these threats." --Max Kelly, CISSP, CIPP, CFCE, Senior Director of Security, Facebook

Protect your Web 2.0 architecture against the latest wave of cybercrime using expert tactics from Internet security professionals. Hacking Exposed Web 2.0 shows how hackers perform reconnaissance, choose their entry point, and attack Web 2.0-based services, and reveals detailed countermeasures and defense techniques. You'll learn how to avoid injection and buffer overflow attacks, fix browser and plug-in flaws, and secure AJAX, Flash, and XML-driven applications. Real-world case studies illustrate social networking site weaknesses, cross-site attack methods, migration vulnerabilities, and IE7 shortcomings.

  • Plug security holes in Web 2.0 implementations the proven Hacking Exposed way
  • Learn how hackers target and abuse vulnerable Web 2.0 applications, browsers, plug-ins, online databases, user inputs, and HTML forms
  • Prevent Web 2.0-based SQL, XPath, XQuery, LDAP, and command injection attacks
  • Circumvent XXE, directory traversal, and buffer overflow exploits
  • Learn XSS and Cross-Site Request Forgery methods attackers use to bypass browser security controls
  • Fix vulnerabilities in Outlook Express and Acrobat Reader add-ons
  • Use input validators and XML classes to reinforce ASP and .NET security
  • Eliminate unintentional exposures in ASP.NET AJAX (Atlas), Direct Web Remoting, Sajax, and GWT Web applications
  • Mitigate ActiveX security exposures using SiteLock, code signing, and secure controls
  • Find and fix Adobe Flash vulnerabilities and DNS rebinding attacks 

"synopsis" may belong to another edition of this title.

About the Author:

Rich Cannings is a senior information security engineer at Google.

Himanshu Dwivedi is a founding partner of iSEC Partners, an information security organization, and the author of several security books.

Zane Lackey is a senior security consultant with iSEC Partners.

"About this title" may belong to another edition of this title.

Top Search Results from the AbeBooks Marketplace

1.

Cannings, Rich; Dwivedi, Himanshu; Lackey, Zane
Published by McGraw-Hill Education
ISBN 10: 0071494618 ISBN 13: 9780071494618
New PAPERBACK Quantity Available: 2
Seller
BookShop4U
(PHILADELPHIA, PA, U.S.A.)
Rating
[?]

Book Description McGraw-Hill Education. PAPERBACK. Book Condition: New. 0071494618. Bookseller Inventory # Z0071494618ZN

More Information About This Seller | Ask Bookseller a Question

Buy New
18.12
Convert Currency

Add to Basket

Shipping: FREE
Within U.S.A.
Destination, Rates & Speeds

2.

Cannings, Rich; Dwivedi, Himanshu; Lackey, Zane
Published by McGraw-Hill Education 2007-12-17 (2007)
ISBN 10: 0071494618 ISBN 13: 9780071494618
New Paperback Quantity Available: 12
Seller
Ebooksweb COM LLC
(Bensalem, PA, U.S.A.)
Rating
[?]

Book Description McGraw-Hill Education 2007-12-17, 2007. Paperback. Book Condition: New. 1. 0071494618. Bookseller Inventory # Z0071494618ZN

More Information About This Seller | Ask Bookseller a Question

Buy New
18.14
Convert Currency

Add to Basket

Shipping: FREE
Within U.S.A.
Destination, Rates & Speeds

3.

Dwivedi, Himanshu
Published by McGraw-Hill Education (2008)
ISBN 10: 0071494618 ISBN 13: 9780071494618
New Quantity Available: > 20
Seller
PBShop
(Wood Dale, IL, U.S.A.)
Rating
[?]

Book Description McGraw-Hill Education, 2008. PAP. Book Condition: New. New Book.Shipped from US within 10 to 14 business days. Established seller since 2000. Bookseller Inventory # IB-9780071494618

More Information About This Seller | Ask Bookseller a Question

Buy New
26.24
Convert Currency

Add to Basket

Shipping: 3.20
Within U.S.A.
Destination, Rates & Speeds

4.

Himanshu Dwivedi, Alex Stamos, Zane Lackey
Published by McGraw-Hill Education - Europe, United States (2008)
ISBN 10: 0071494618 ISBN 13: 9780071494618
New Paperback Quantity Available: 10
Seller
The Book Depository
(London, United Kingdom)
Rating
[?]

Book Description McGraw-Hill Education - Europe, United States, 2008. Paperback. Book Condition: New. 226 x 185 mm. Language: English . Brand New Book. Lock down next-generation Web services This book concisely identifies the types of attacks which are faced daily by Web 2.0 sites, and the authors give solid, practical advice on how to identify and mitigate these threats. --Max Kelly, CISSP, CIPP, CFCE, Senior Director of Security, Facebook Protect your Web 2.0 architecture against the latest wave of cybercrime using expert tactics from Internet security professionals. Hacking Exposed Web 2.0 shows how hackers perform reconnaissance, choose their entry point, and attack Web 2.0-based services, and reveals detailed countermeasures and defense techniques. You ll learn how to avoid injection and buffer overflow attacks, fix browser and plug-in flaws, and secure AJAX, Flash, and XML-driven applications. Real-world case studies illustrate social networking site weaknesses, cross-site attack methods, migration vulnerabilities, and IE7 shortcomings. Plug security holes in Web 2.0 implementations the proven Hacking Exposed way Learn how hackers target and abuse vulnerable Web 2.0 applications, browsers, plug-ins, online databases, user inputs, and HTML forms Prevent Web 2.0 -based SQL, XPath, XQuery, LDAP, and command injection attacks Circumvent XXE, directory traversal, and buffer overflow exploits Learn XSS and Cross-Site Request Forgery methods attackers use to bypass browser security controls Fix vulnerabilities in Outlook Express and Acrobat Reader add-ons Use input validators and XML classes to reinforce ASP and security Eliminate unintentional exposures in ASP AJAX (Atlas), Direct Web Remoting, Sajax, and GWT Web applications Mitigate ActiveX security exposures using SiteLock, code signing, and secure controls Find and fix Adobe Flash vulnerabilities and DNS rebinding attacks. Bookseller Inventory # AAC9780071494618

More Information About This Seller | Ask Bookseller a Question

Buy New
30.17
Convert Currency

Add to Basket

Shipping: FREE
From United Kingdom to U.S.A.
Destination, Rates & Speeds

5.

Himanshu Dwivedi, Alex Stamos, Zane Lackey
Published by McGraw-Hill Education - Europe, United States (2008)
ISBN 10: 0071494618 ISBN 13: 9780071494618
New Paperback Quantity Available: 10
Seller
The Book Depository US
(London, United Kingdom)
Rating
[?]

Book Description McGraw-Hill Education - Europe, United States, 2008. Paperback. Book Condition: New. 226 x 185 mm. Language: English . Brand New Book. Lock down next-generation Web services This book concisely identifies the types of attacks which are faced daily by Web 2.0 sites, and the authors give solid, practical advice on how to identify and mitigate these threats. --Max Kelly, CISSP, CIPP, CFCE, Senior Director of Security, Facebook Protect your Web 2.0 architecture against the latest wave of cybercrime using expert tactics from Internet security professionals. Hacking Exposed Web 2.0 shows how hackers perform reconnaissance, choose their entry point, and attack Web 2.0-based services, and reveals detailed countermeasures and defense techniques. You ll learn how to avoid injection and buffer overflow attacks, fix browser and plug-in flaws, and secure AJAX, Flash, and XML-driven applications. Real-world case studies illustrate social networking site weaknesses, cross-site attack methods, migration vulnerabilities, and IE7 shortcomings. Plug security holes in Web 2.0 implementations the proven Hacking Exposed way Learn how hackers target and abuse vulnerable Web 2.0 applications, browsers, plug-ins, online databases, user inputs, and HTML forms Prevent Web 2.0 -based SQL, XPath, XQuery, LDAP, and command injection attacks Circumvent XXE, directory traversal, and buffer overflow exploits Learn XSS and Cross-Site Request Forgery methods attackers use to bypass browser security controls Fix vulnerabilities in Outlook Express and Acrobat Reader add-ons Use input validators and XML classes to reinforce ASP and security Eliminate unintentional exposures in ASP AJAX (Atlas), Direct Web Remoting, Sajax, and GWT Web applications Mitigate ActiveX security exposures using SiteLock, code signing, and secure controls Find and fix Adobe Flash vulnerabilities and DNS rebinding attacks. Bookseller Inventory # AAC9780071494618

More Information About This Seller | Ask Bookseller a Question

Buy New
31.17
Convert Currency

Add to Basket

Shipping: FREE
From United Kingdom to U.S.A.
Destination, Rates & Speeds

6.

Rich Cannings; Himanshu Dwivedi; Zane Lackey
Published by McGraw-Hill Osborne Media (2007)
ISBN 10: 0071494618 ISBN 13: 9780071494618
New Paperback Quantity Available: 1
Seller
Irish Booksellers
(Rumford, ME, U.S.A.)
Rating
[?]

Book Description McGraw-Hill Osborne Media, 2007. Paperback. Book Condition: New. book. Bookseller Inventory # 0071494618

More Information About This Seller | Ask Bookseller a Question

Buy New
32.06
Convert Currency

Add to Basket

Shipping: FREE
Within U.S.A.
Destination, Rates & Speeds

7.

Cannings, Rich; Dwivedi, Himanshu; Lackey, Zane
Published by McGraw-Hill Education
ISBN 10: 0071494618 ISBN 13: 9780071494618
New PAPERBACK Quantity Available: > 20
Seller
Movie Mars
(Indian Trail, NC, U.S.A.)
Rating
[?]

Book Description McGraw-Hill Education. PAPERBACK. Book Condition: New. 0071494618 Brand New Book. Ships from the United States. 30 Day Satisfaction Guarantee!. Bookseller Inventory # 4685185

More Information About This Seller | Ask Bookseller a Question

Buy New
29.06
Convert Currency

Add to Basket

Shipping: 3.20
Within U.S.A.
Destination, Rates & Speeds

8.

Rich Cannings, Himanshu Dwivedi, Zane Lackey, Jesse Burns (Technical Editor), Alex Stamos (Collaborator), Chris Clark (Collaborator)
Published by McGraw-Hill Osborne Media (2007)
ISBN 10: 0071494618 ISBN 13: 9780071494618
New Paperback Quantity Available: 1
Seller
Ergodebooks
(RICHMOND, TX, U.S.A.)
Rating
[?]

Book Description McGraw-Hill Osborne Media, 2007. Paperback. Book Condition: New. 1. Bookseller Inventory # DADAX0071494618

More Information About This Seller | Ask Bookseller a Question

Buy New
29.07
Convert Currency

Add to Basket

Shipping: 3.20
Within U.S.A.
Destination, Rates & Speeds

9.

Rich Cannings
Published by McGraw-Hill Education (2008)
ISBN 10: 0071494618 ISBN 13: 9780071494618
New Paperback Quantity Available: 20
Seller
Murray Media
(North Miami Beach, FL, U.S.A.)
Rating
[?]

Book Description McGraw-Hill Education, 2008. Paperback. Book Condition: New. Bookseller Inventory # 0071494618

More Information About This Seller | Ask Bookseller a Question

Buy New
30.53
Convert Currency

Add to Basket

Shipping: 2.40
Within U.S.A.
Destination, Rates & Speeds

10.

Dwivedi, Himanshu
Published by McGraw-Hill Education (2008)
ISBN 10: 0071494618 ISBN 13: 9780071494618
New Quantity Available: > 20
Seller
Books2Anywhere
(Fairford, GLOS, United Kingdom)
Rating
[?]

Book Description McGraw-Hill Education, 2008. PAP. Book Condition: New. New Book. Shipped from US within 10 to 14 business days. Established seller since 2000. Bookseller Inventory # IB-9780071494618

More Information About This Seller | Ask Bookseller a Question

Buy New
25.56
Convert Currency

Add to Basket

Shipping: 9
From United Kingdom to U.S.A.
Destination, Rates & Speeds

There are more copies of this book

View all search results for this book