Web Application Obfuscation

Купить бумажную книгу и читать

Название:Web Application Obfuscation

Автор: Mario Heiderich, Eduardo Alberto Vela Nava, Gareth Heyes, David Lindsay

Издательство:Syngress

ISBN: 1597496049

Год: 2011

Страниц:290

Язык:Английский

Формат: PDF

Размер: 2 MB

This book takes a look at common Web infrastructure and security controls from an attacker's perspective, allowing the reader to understand the shortcomings of their security systems.

Web applications are used every day by millions of users, which is why they are one of the most popular vectors for attackers. Obfuscation of code has allowed hackers to take one attack and create hundreds-if not millions-of variants that can evade your security measures.

Find out how an attacker would bypass different types of security controls, how these very security controls introduce new types of vulnerabilities, and how to avoid common pitfalls in order to strengthen your defenses.

Looks at security tools like IDS/IPS that are often the only defense in protecting sensitive data and assets

Evaluates Web application vulnerabilties from the attacker's perspective and explains how these very systems introduce new types of vulnerabilities

Teaches how to secure your data, including info on browser quirks, new attacks and syntax tricks to add to your defenses against XSS, SQL injection, and more.

Contents

Acknowledgments

About the Authors

About the Technical editor

CHAPTER 1 Introduction

Audience

Filtering basics

Regular expressions

Book organization

Chapter 2: “HTML”

Chapter 3: “javascript and VBScript”

Chapter 4: “Nonalphanumeric javascript”

Chapter 5: “CSS”

Chapter 6: “PHP”

Chapter 7: “SQL”

Chapter 8: “Web application firewalls and client-side filters”

Chapter 9: “Mitigating bypasses and attacks”

Chapter 10: “Future developments”

Updates