Hacking Web Apps: Detecting and Preventing Web Application Security Problems [Kindle Edition]

Mike Shema

List price: EUR 37,93
Publisher's price (print edition): EUR 37,93
Kindle price: EUR 26,55 including VAT, with free wireless delivery via Amazon Whispernet
You save: EUR 11,38 (30%)



Amazon price by format:
Kindle Edition: EUR 26,55
Paperback: EUR 37,93

Product Descriptions

Press Reviews

"Preventing and fixing vulnerabilities is what this book is really about…The truth is that it’s most appropriate for anyone tasked with securing an organisation’s website. However, all web developers should be made to read it, whether they consider themselves coders or designers."--Network Security Newsletter, July 2013

"This book is equally valuable to technical security practitioners and less-technical security leaders alike.  I recommend anyone looking to develop their own web applications or defend against modern web application exploitation take advantage of Mike Shema’s expertise on this topic."--Doug Steelman, Chief Information Security Officer, Dell SecureWorks

"Hacking Web Apps by Mike Shema introduces novice security practitioners to the most threatening exploits plaguing modern web applications.  The book covers more than the raw concepts, by bringing in other vulnerabilities and showing how the various exploits relate to one another; and it does so in human readable terms."--Robert Hansen, CEO of Falling Rock Networks and SecTheory Ltd.

Publisher's Description

How can an information security professional keep up with all of the hacks, attacks, and exploits on the Web? One way is to read Hacking Web Apps. The content for this book has been selected by author Mike Shema to make sure that we are covering the most vicious attacks out there. Not only does Mike let you in on the anatomy of these attacks, but he also tells you how to get rid of these worms, trojans, and botnets and how to defend against them in the future. Countermeasures are detailed so that you can fight against similar attacks as they evolve.

Attacks featured in this book include:

• SQL Injection

• Cross Site Scripting

• Logic Attacks

• Server Misconfigurations

• Predictable Pages

• Web of Distrust

• Breaking Authentication Schemes

• HTML5 Security Breaches

• Attacks on Mobile Apps

Even if you don’t develop web sites or write HTML, Hacking Web Apps can still help you learn how sites are attacked—as well as the best way to defend against these attacks. Plus, Hacking Web Apps gives you detailed steps to make the web browser – sometimes your last line of defense – more secure.

  • More and more data, from finances to photos, is moving into web applications. How much can you trust that data to be accessible from a web browser anywhere and safe at the same time?
  • Some of the most damaging hacks to a web site can be executed with nothing more than a web browser and a little knowledge of HTML.
  • Learn about the most common threats and how to stop them, including HTML Injection, XSS, Cross Site Request Forgery, SQL Injection, Breaking Authentication Schemes, Logic Attacks, Web of Distrust, Browser Hacks and many more.

Product Details

  • Format: Kindle Edition
  • File size: 3558 KB
  • Print length: 296 pages
  • Publisher: Syngress; Edition: 1 (22 October 2012)
  • Sold by: Amazon Media EU S.à r.l.
  • Language: English
  • ASIN: B00976XNGG
  • Text-to-Speech: Enabled
  • Word Wise: Not enabled
  • Amazon Best Sellers Rank: No. 237,942 in the Kindle Store


Customer Reviews

Most helpful customer reviews (beta): 4.4 out of 5 stars, 7 reviews
6 of 6 people found this review helpful
4.0 out of 5 stars: Repackaging of author's previous (good) book, 9 November 2012
By Microcosm
As far as I can tell, this is a repackaged (and much more expensive) version of the author's "Seven Deadliest Web Application Attacks", released in 2010. The only difference that I can see at a glance is that a 22 page section on HTML 5 has been added. Perhaps some content has been updated, I don't know, but it mostly seems like just the order and names of some chapters have been changed.

That being said, I did find "Seven Deadliest Web Application Attacks" to be a valuable read for those interested in web software security.
3 of 3 people found this review helpful
4.0 out of 5 stars: Good reference, inadequate textbook, 30 July 2013
By Invisibled
Format: Paperback | Verified purchase
This book is a great reference work that covers - in good detail - concepts and techniques in hacking web applications. I found this somewhat lacking in bootstrapping me into practical application. I bought this book with the intent that it'd get me into basic XSS and SQL injection attacks, but there isn't much to "practice" per se.

As a caveat, I'm not sure this is within the scope of this text, and it is a very good primer on the various attack vectors and types. Make no mistake, I've read this book and used it to give me a leg up into the vocabulary of web application security, but I found other texts more useful as "how to" texts.
2 of 2 people found this review helpful
4.0 out of 5 stars: Hacking Web Apps - A Modern Introduction to Web Application Security with HTML5, 23 April 2013
By Adnan Masood
Hacking Web Apps by Mike Shema is a contemporary guide on web application security. Mike's labor of love, as he likes to call this book, contains very relevant and distilled information on modern day web application attacks. The book is different from your garden variety web-application-top-n-style verbose texts with template vulnerabilities and hello-world solutions; Hacking web apps is a book with strong personality which shows in the eight chapters covering diverse topics from HTML5 security, XSS, CSRF, platform weaknesses to browser and privacy attacks.

Starting with HTML5, the author discussed security issues surrounding "new" DOM, CORS, web sockets, web storage, web workers in a concise and concrete manner. This first chapter, however brief, makes this book quite unique since very few books in my knowledge have dealt with security issues pertaining to HTML5. The book provides a nice knowledge upgrade to exploits and vulnerabilities when it comes to web 2.0 technologies. Packed with tips, epic failures and notes providing security anecdotes from the real-world, this text keeps you involved and entertained throughout. Going beyond usual CWE-SANS/OWASP top x vulnerabilities, the author elaborates on design issues and draws parallels on how to apply these issues to other similar problems. The text tends to be language agnostic and code samples are in multiple languages (Python, PHP, etc.) but I do miss the examples with specifics of libraries such as AntiForgeryToken in ASP.NET MVC. I have not read any of Mike's previous books so I cannot comment on how much is shared between his writings but for any web and server side developer interested in security, I'd highly recommend reading this book.
5.0 out of 5 stars: useful information on day to day, 30 September 2013
By marc137
The "bad guys" are always a step ahead. We know the web is not safe. You have to keep your eyes wide open. We cannot rest on what we learned years ago. The practices we apply in our own development may no longer be safe or advisable. We get by on reusing code that has never (or almost never) been attacked. We work with frameworks and believe that this protects us from all harm; we stop thinking and delegate to others.

This book is not too long, gets to the point, and gives you a good tour of the many types of vulnerabilities that can occur on the web, along with techniques to try to avoid them, all accompanied by sample code.

The approach is quick and clear. Don't look for great depth, but this topic doesn't really need it, since the variants are almost infinite. What you need to be clear about is what we are up against, have a general understanding, and adapt it to our needs.

A thoroughly recommendable purchase and essential knowledge.
1 of 1 people found this review helpful
5.0 out of 5 stars: One of the best books on hacking out there, 18 August 2013
By chavruta
I've been poring over this book for weeks. It is packed with great info and concepts. The only complaint I have is that sometimes it has too few examples to make the concepts clear. But it has a lot to teach.