Synopsis
A cross site scripting attack is a very specific type of attack on a web application. It is used by hackers to mimic real sites and fool people into providing personal data.
XSS Attacks starts by defining the terms and laying out the ground work. It assumes that the reader is familiar with basic web programming (HTML) and JavaScript. First it discusses the concepts, methodology, and technology that makes XSS a valid concern. It then moves into the various types of XSS attacks, how they are implemented, used, and abused. After XSS is thoroughly explored, the next part provides examples of XSS malware and demonstrates real cases where XSS is a dangerous risk that exposes internet users to remote access, sensitive data theft, and monetary losses. Finally, the book closes by examining the ways developers can avoid XSS vulnerabilities in their web applications, and how users can avoid becoming a victim. The audience is web developers, security practitioners, and managers.
- XSS Vulnerabilities exist in 8 out of 10 Web sites
- The authors of this book are the undisputed industry leading authorities
- Contains independent, bleeding edge research, code listings and exploits that can not be found anywhere else
"synopsis" may belong to another edition of this title.
About the Authors
Seth Fogie is the VP of Dallas-based Airscanner Corporation where he oversees the development of security software for the Window Mobile (Pocket PC) platform. He has co-authored numerous technical books on information security, including the top selling "Maximum Wireless Security" from SAMS, and "Security Warrior" from O'Reilly. Seth frequently speaks at IT and security conferences/seminars, including Black Hat, Defcon, CSI, and Dallascon. In addition, Seth has co-authored the HIPAA medical education course for the Texas Medical Associate and is acting Site Host for Security at the "InformIT.com" website where he writes articles and reviews/manages weekly information security related books and articles
Jeremiah Grossman, founder and chief technology officer of WhiteHat Security, is a world-renowned expert in web application security and a founding member of the Web Application Security Consortium (WASC). At WhiteHat, Mr. Grossman is responsible for web application security R&D and industry evangelism. He is a frequent speaker at industry events including the Black Hat Briefings, ISACA, OWASP, NASA, ISSA and Defcon. A trusted media resource, Mr. Grossman has been featured in USA Today, the Washington Post, Information Week, NBC Nightly News, and many others. Prior to WhiteHat, Mr. Grossman was an information security officer at Yahoo!
Robert Hansen, also known as RSnake, is the founder of the ha.ckers.org web application security lab and has been heavily involved in the hacking and the security industry since the mid 1990s. Robert has worked in banner advertizing and built click fraud detection in his role as CSO for several startups. For many years he ran the managed security services product lines for Cable & Wireless. At eBay he worked on anti-cross site scripting, anti-phishing, anti-virus and web application intrusion detection and countermeasures. He has spoken at Black Hat, the Gartner security round table and at Networld+Interop and he is a member of WASC, OWASP, and ISSA.
Anton Rager is a Sr. Security Engineer with Avaya Labs and a founding member of Avaya's Enterprise Security Practice. He specializes in vulnerability research, VPN security and wireless security and is best known for his WEPCrack, WEPWedgie and IKECrack security tools. He has presented at Defcon, Toorcon, Interz0ne and many other lesser-known conferences, and was a contributing technical editor to the book Maximum Wireless Security.
Petko “pdp D. Petkov is a senior IT security consultant based in London, United Kingdom. His day-to-day work involves identifying vulnerabilities, building attack strategies and creating attack tools and penetration testing infrastructures. Petko is known in the underground circles as pdp or architect but his name is well known in the IT security industry for his strong technical background and creative thinking. He has been working for some of the world's top companies, providing consultancy on the latest security vulnerabilities and attack technologies.
His latest project, GNUCITIZEN (gnucitizen.org), is one of the leading web application security resources on-line where part of his work is disclosed for the benefit of the public. Petko defines himself as a cool hunter in the security circles.
"About this title" may belong to another edition of this title.
Search results for XSS Attacks: Cross Site Scripting Exploits and Defense
Stock Image
XSS Attacks : Cross Site Scripting Exploits and Defense
Published by
Elsevier Science & Technology Books, 2007
ISBN 10: 1597491543
ISBN 13: 9781597491549
Used
Softcover
Seller: Better World Books, Mishawaka, IN, U.S.A.
Seller rating 5 out of 5 stars
Condition: Good. Former library copy. Pages intact with minimal writing/highlighting. The binding may be loose and creased. Dust jackets/supplements are not included. Includes library markings. Stock photo provided. Product includes identifying sticker. Better World Books: Buy Books. Do Good. Seller Inventory # 8973756-20
Stock Image
XSS Attacks: Cross Site Scripting Exploits and Defense
Seller: HPB-Red, Dallas, TX, U.S.A.
Seller rating 5 out of 5 stars
paperback. Condition: Good. Connecting readers with great books since 1972! Used textbooks may not include companion materials such as access codes, etc. May have some wear or writing/highlighting. We ship orders daily and Customer Service is our top priority! Seller Inventory # S_416484011
Stock Image
Xss Attacks: Cross Site Scripting Exploits and Defense
Seller: ThriftBooks-Dallas, Dallas, TX, U.S.A.
Seller rating 5 out of 5 stars
Paperback. Condition: Very Good. No Jacket. Former library book; May have limited writing in cover pages. Pages are unmarked. ~ ThriftBooks: Read More, Spend Less. Seller Inventory # G1597491543I4N10
Seller Image
XSS Attacks: Cross Site Scripting Exploits and Defense
Seller: Lake Country Books and More, Excelsior, MN, U.S.A.
Seller rating 5 out of 5 stars
Paperback. Condition: Very Good. Dust Jacket Condition: None as issued. Clean, solid copy with unmarked text. Cover has mild surface and edge wear. Binding is tight and square, no creases to spine or cover. We are unable to ship oversize books and multi-volume sets internationally. Seller Inventory # HD32305120010
Stock Image
XSS Attacks: Cross Site Scripting Exploits and Defense
Seller: Studibuch, Stuttgart, Germany
Seller rating 5 out of 5 stars
paperback. Condition: Gut. 480 Seiten; 9781597491549.3 Gewicht in Gramm: 1. Seller Inventory # 794138
Stock Image
XSS Attacks: Cross Site Scripting Exploits and Defense
Seller: BennettBooksLtd, Los Angeles, CA, U.S.A.
Seller rating 5 out of 5 stars
paperback. Condition: New. In shrink wrap. Looks like an interesting title! Seller Inventory # Q-1597491543
Stock Image
XSS Attacks
Print on DemandSeller: PBShop.store UK, Fairford, GLOS, United Kingdom
Seller rating 5 out of 5 stars
PAP. Condition: New. New Book. Delivered from our UK warehouse in 4 to 14 business days. THIS BOOK IS PRINTED ON DEMAND. Established seller since 2000. Seller Inventory # L0-9781597491549
Buy New
£ 66.67
£ 5.87 shipping
Ships from United Kingdom to U.S.A.
Ships from United Kingdom to U.S.A.
Quantity: Over 20 available
Stock Image
XSS Attacks
Print on DemandSeller: PBShop.store US, Wood Dale, IL, U.S.A.
Seller rating 5 out of 5 stars
PAP. Condition: New. New Book. Shipped from UK. THIS BOOK IS PRINTED ON DEMAND. Established seller since 2000. Seller Inventory # L0-9781597491549
Seller Image
XSS Attacks
Seller: Rarewaves.com USA, London, LONDO, United Kingdom
Seller rating 5 out of 5 stars
Paperback. Condition: New. Illustrated. A cross site scripting attack is a very specific type of attack on a web application. It is used by hackers to mimic real sites and fool people into providing personal data.XSS Attacks starts by defining the terms and laying out the ground work. It assumes that the reader is familiar with basic web programming (HTML) and JavaScript. First it discusses the concepts, methodology, and technology that makes XSS a valid concern. It then moves into the various types of XSS attacks, how they are implemented, used, and abused. After XSS is thoroughly explored, the next part provides examples of XSS malware and demonstrates real cases where XSS is a dangerous risk that exposes internet users to remote access, sensitive data theft, and monetary losses. Finally, the book closes by examining the ways developers can avoid XSS vulnerabilities in their web applications, and how users can avoid becoming a victim. The audience is web developers, security practitioners, and managers. Seller Inventory # LU-9781597491549
Buy New
£ 89.24
Free Shipping
Ships from United Kingdom to U.S.A.
Ships from United Kingdom to U.S.A.
Quantity: Over 20 available
Stock Image
XSS Attacks: Cross Site Scripting Exploits and Defense
Published by
Syngress Media,U.S., 2007
ISBN 10: 1597491543
ISBN 13: 9781597491549
New
Paperback / softback
Seller: THE SAINT BOOKSTORE, Southport, United Kingdom
Seller rating 5 out of 5 stars
Paperback / softback. Condition: New. This item is printed on demand. New copy - Usually dispatched within 5-9 working days. Seller Inventory # C9781597491549
Buy New
£ 77.40
£ 19.37 shipping
Ships from United Kingdom to U.S.A.
Ships from United Kingdom to U.S.A.
Quantity: Over 20 available