Hacking Exposed Web Applications (Hacking Exposed)

Defend against the latest Web-based attacks by looking at your Web applications through the eyes of a malicious intruder. Fully revised and updated to cover the latest Web exploitation techniques, Hacking Exposed Web Applications, Second Edition shows you, step-by-step, how cyber-criminals target vulnerable sites, gain access, steal critical data, and execute devastating attacks. All of the cutting-edge threats and vulnerabilities are covered in full detail alongside real-world examples, case studies, and battle-tested countermeasures from the authors' experiences as gray hat security professionals.

• Find out how hackers use infrastructure and application profiling to perform reconnaissance and enter vulnerable systems
• Get details on exploits, evasion techniques, and countermeasures for the most popular Web platforms, including IIS, Apache, PHP, and ASP.NET
•  Learn the strengths and weaknesses of common Web authentication mechanisms, including password-based, multifactor, and single sign-on mechanisms like Passport
• See how to excise the heart of any Web application's access controls through advanced session analysis, hijacking, and fixation techniques
• Find and fix input validation flaws, including cross-site scripting (XSS), SQL injection, HTTP response splitting, encoding, and special character abuse
• Get an in-depth presentation of the newest SQL injection techniques, including blind attacks, advanced exploitation through subqueries, Oracle exploits, and improved countermeasures
• Learn about the latest XML Web Services hacks, Web management attacks, and DDoS attacks, including click fraud
• Tour Firefox and IE exploits, as well as the newest socially-driven client attacks like phishing and adware

In this fully revised bestseller, IT security professionals will find the latest insights into the core security issues that plague online business platforms of all sizes. Hacking Exposed Web Applications, Second Edition, applies the bestselling Hacking Exposed computer security methodologies, technical rigor, and “from-the-trenches” experience to making the Web a safer, more secure place in which to do business.

Defend against the latest Web-based attacks by looking at your Web applications through the eyes of a malicious intruder. Fully revised and updated to cover the latest Web exploitation techniques, Hacking Exposed Web Applications, Second Edition shows you, step-by-step, how cyber-criminals target vulnerable sites, gain access, steal critical data, and execute devastating attacks. All of the cutting-edge threats and vulnerabilities are covered in full detail alongside real-world examples, case studies, and battle-tested countermeasures from the authors' experiences as gray hat security professionals. '

Joel Scambray, is a senior director in Microsoft Corporation’s MSN Security group, where he faces daily the full brunt of the Internet’s most notorious denizens, from spammers to Slammer. He is most widely recognized as co-author of Hacking Exposed: Network Security Secrets & Solutions, the international best-selling Internet security book, as well as related titles on Windows and web application security. Before joining Microsoft in August 2002, Joel helped launch security services startup Foundstone, Inc. to a highly regarded position in the industry, and he previously held positions as a manager for Ernst & Young, security columnist for Microsoft TechNet, editor at large for InfoWorld Magazine, and director of IT for a major commercial real estate firm. He has spoken widely on information security to organizations including CERT, The Computer Security Institute (CSI), ISSA, ISACA, SANS, private corporations, and government agencies, including the FBI and the RCMP. Joel has maintained CISSP accreditation since 1999.

Mike Shema, is CSO of NT Objectives, where he is working on improving the accuracy and scope of application security testing techniques and tools. He joined NT Objectives from Foundstone, Inc., where he was a principle consultant and trainer. He has performed security tests ranging from network penetrations to firewall and VPN reviews to web application reviews. Mr. Shema is intimately familiar with current security tools, vulnerabilities, and trends. Mr. Shema has also discovered and submitted to Buqtraq several zero-day exploits as a result of his extensive experience with web application testing.Prior to joining Foundstone, Mr. Shema worked at a product development company where he configured and deployed high-capacity Apache Web and Oracle database servers for numerous Internet clients. Mr. Shema previously worked at Booz Allen Hamilton on information assurance projects and performed several security assessments for government and military sites in addition to developing security training material.Mr. Shema holds a B.S. in Electrical Engineering and a B.S. in French from Penn State University. Mr. Shema has co-authored Hacking Exposed: Web Applications and Anti-Hacker Toolkit, Third Edition and authored Hack Notes: Web Security.

Caleb Sima, is the co-founder and CTO of SPI Dynamics, a Web application security products company. Caleb has been engaged in the Internet security arena since 1996, a time when the concept of Internet security was just emerging. Since then, he has become widely recognized within the industry as an expert in penetration testing, and for identifying emerging security threats. Caleb is a frequent speaker and press resource on Internet attacks and is a contributing author to various magazines, and has been featured in the Associated Press.

Chapter 1: Hacking Web Apps 101

Chapter 2: Profiling

Chapter 3: Hacking Web Platforms

Chapter 4: Attacking Web Authentication

Chapter 5: Attacking Web Authorization

Chapter 6: Input Validation Attacks

Chapter 7: Attacking Web Datastores

Chapter 8: Attacking XML Web Services

Chapter 9: Attacking Web Application Management

Chapter 10: Hacking Web Clients

Chapter 11: Denial-of-Service (DoS) Attacks

Chapter 12: Full-Knowledge Analysis

Chapter 13: Web Application Security Scanners

APPENDIX A: WEB APPLICATION SECURITY CHECKLIST

APPENDIX B: WEB HACKING TOOLS AND TECHNIQUES CRIBSHEET

APPENDIX C: URLScan AND ModSecurity

APPENDIX D: ABOUT THE COMPANION WEB SITE

INDEX