Hacking Exposed Web Applications, Second Edition

Front Cover
Mcgraw-hill, Jun 5, 2006 - Computers - 520 pages

Implement bulletproof e-business security the proven Hacking Exposed way

Defend against the latest Web-based attacks by looking at your Web applications through the eyes of a malicious intruder. Fully revised and updated to cover the latest Web exploitation techniques, Hacking Exposed Web Applications, Second Edition shows you, step-by-step, how cyber-criminals target vulnerable sites, gain access, steal critical data, and execute devastating attacks. All of the cutting-edge threats and vulnerabilities are covered in full detail alongside real-world examples, case studies, and battle-tested countermeasures from the authors' experiences as gray hat security professionals.

From inside the book

What people are saying - Write a review

We haven't found any reviews in the usual places.


Infrastructure Profiling
Application Profiling

36 other sections not shown

Other editions - View all

Common terms and phrases

About the author (2006)

Joel Scambray, CISSP, is a Senior Director at Microsoft Corporation, where he led Microsoft's online services security efforts for three years before joining the Windows platform group to focus on security technology development. He has more than 15 years of information security experience, including senior management roles at Ernst & Young, co-founder of Foundstone, technical consultant for Fortune 500 enterprises, and co-author of the best-selling Hacking Exposed book series.

Mike Shema, is the CSO of NT Objectives and has made web application security presentations at numerous security conferences. He has conducted security reviews for a wide variety of web technologies and developed training material for application security courses. He is also a co-author of Anti-Hacker Toolkit.

Caleb Sima, is the co-founder and CTO of SPI Dynamics, a web application security products company, and has more than 12 years of security experience. His pioneering efforts and expertise in web security have helped define the direction the web application security industry has taken. Caleb is a frequent speaker and expert resource for the press on Internet attacks and has been featured in the Associated Press. He is also a contributing author to various magazines and online columns. Caleb is a member of ISSA and is one of the founding visionaries of the Application Vulnerability Description Language (AVDL) standard within OASIS, as well as a founding member of the Web Application Security Consortium (WASC).

Bibliographic information