The web application hacker's handbook : finding and exploiting security flaws /
Dafydd Stuttard, Marcus Pinto.
- 2nd ed.
- Indianapolis, IN : Chichester : Wiley ; John Wiley [distributor], c2011.
- xxxiii, 878 p. : ill. ; 24 cm.
Previous ed.: 2008. Includes index.
Web application (in)security -- Core defense mechanisms -- Web application technologies -- Mapping the application -- Bypassing client-side controls -- Attacking authentication -- Attacking session management -- Attacking access controls -- Attacking data stores -- Attacking back-end components -- Attacking application logic -- Attacking users : cross-site scripting -- Attacking users : other techniques -- Automating customized attacks -- Exploiting information disclosure -- Attacking native compiled applications -- Attacking application architecture -- Attacking the application server -- Finding vulnerabilities in source code -- A web application hacker's toolkit -- A web application hacker's methodology.
Provides information on how to discover security flaws in Web applications to defend against hackers.