Hacking for Dummies -- Chapter 16, Web applications

Web application security is the subject of this free book excerpt. Kevin Beaver reviews application vulnerabilities, exploits, malware and countermeasures. Application hacks covered include insecure login mechanisms, directory traversal attacks and input attacks.


As a registered member of SearchSoftwareQuality.com, you're entitled to a complimentary copy of Chapter 66 of Hacking for Dummies written by Kevin Beaver and published by Wiley Publishing.

This chapter, "Web Applications," reviews application hacks to check on your systems, as well as countermeasures to help minimize the chances that a hacker can carry out these attacks. Attacks covered include insecure login mechanisms, directory traversal attacks and input attacks.



Hacking for Dummies

Book description:

Hackers For Dummies helps you hack into a hacker's mindset and take security precautions to help you avoid a hack attack. It outlines computer hacker tricks and techniques you can use to assess the security of your own information systems, find security vulnerabilities, and fix them before malicious and criminal hackers can exploit them. It covers the following:

  • Hacking methodology and researching public information to see what a hacker can quickly learn about your operations

  • Social engineering (how hackers manipulate employees to gain information and access), physical security, and password vulnerabilities

  • Network infrastructure, including port scanners, SNMP scanning, banner grabbing, scanning, and wireless LAN vulnerabilities

  • Operating systems, including Windows, Linux, and Novell NetWare

  • Application hacking, including malware (Trojan horses, viruses, worms, rootkits, logic bombs, and more), e-mail and instant messaging, and Web applications

  • Tests, tools (commercial, shareware, and freeware), and techniques that offer the most bang for your ethical hacking buck

With this guide you can develop and implement a comprehensive security assessment plan, get essential support from management, test your system for vulnerabilities, take countermeasures, and protect your network infrastructure. You discover how to beat hackers at their own game, with the following:

  • A hacking toolkit, including War dialing software, password cracking software, network scanning software, network vulnerability assessment software, a network analyzer, a Web application assessment tool, and more

  • All kinds of countermeasures and ways to plug security holes

  • A list of more than 100 security sites, tools, and resources

Ethical hacking helps you fight hacking with hacking, pinpoint security flaws within your systems, and implement countermeasures. Complete with tons of screen shots, step-by-step instructions for some countermeasures, and actual case studies from IT security professionals, this is an invaluable guide, whether you're an Internet security professional, part of a penetration-testing team, or in charge of IT security for a large or small business.

>> Read "Chapter 16: Web Applications" now.

>> Buy the book





This was first published in August 2006

Dig deeper on Building security into the SDLC (Software development life cycle)

Pro+

Features

Enjoy the benefits of Pro+ membership, learn more and join.

0 comments

Oldest 

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

-ADS BY GOOGLE

SearchSOA

TheServerSide

SearchCloudApplications

SearchAWS

SearchBusinessAnalytics

SearchFinancialApplications

SearchHealthIT

Close