As a registered member of SearchSoftwareQuality.com, you're entitled to a complimentary copy of Chapter 66 of Hacking for Dummies written by Kevin Beaver and published by Wiley Publishing.
This chapter, "Web Applications," reviews application hacks to check on your systems, as well as countermeasures to help minimize the chances that a hacker can carry out these attacks. Attacks covered include insecure login mechanisms, directory traversal attacks and input attacks.
Hackers For Dummies helps you hack into a hacker's mindset and take security precautions to help you avoid a hack attack. It outlines computer hacker tricks and techniques you can use to assess the security of your own information systems, find security vulnerabilities, and fix them before malicious and criminal hackers can exploit them. It covers the following:
- Hacking methodology and researching public information to see what a hacker can quickly learn about your operations
- Social engineering (how hackers manipulate employees to gain information and access), physical security, and password vulnerabilities
- Network infrastructure, including port scanners, SNMP scanning, banner grabbing, scanning, and wireless LAN vulnerabilities
- Operating systems, including Windows, Linux, and Novell NetWare
- Application hacking, including malware (Trojan horses, viruses, worms, rootkits, logic bombs, and more), e-mail and instant messaging, and Web applications
- Tests, tools (commercial, shareware, and freeware), and techniques that offer the most bang for your ethical hacking buck
With this guide you can develop and implement a comprehensive security assessment plan, get essential support from management, test your system for vulnerabilities, take countermeasures, and protect your network infrastructure. You discover how to beat hackers at their own game, with the following:
- A hacking toolkit, including War dialing software, password cracking software, network scanning software, network vulnerability assessment software, a network analyzer, a Web application assessment tool, and more
- All kinds of countermeasures and ways to plug security holes
- A list of more than 100 security sites, tools, and resources
Ethical hacking helps you fight hacking with hacking, pinpoint security flaws within your systems, and implement countermeasures. Complete with tons of screen shots, step-by-step instructions for some countermeasures, and actual case studies from IT security professionals, this is an invaluable guide, whether you're an Internet security professional, part of a penetration-testing team, or in charge of IT security for a large or small business.
>> Buy the book
Dig Deeper on Building security into the SDLC (Software development life cycle)