Présentation de l'éditeur
Ever wondered how the computer hacks or website hacks happen? What constitutes a website hack?How come a Computer, which in layman circle, usually seen as a ‘Perfect’ machine doing computations or calculations at the lightning speed, have security vulnerabilities?! Can't all websites be safe and secure always? If you have all these innocent doubts in your mind, then this is the right book for you, seeking answers in an intuitive way using layman terms wherever possible!
There are 7 different chapters in the book. The first three of them set up the ground basics of hacking, next three of them discuss deeply the real hackings i.e. the different types of handpicked well-known web attacks and the last chapter that sums up everything. Here is the list of chapters:
1)Introduction: A brief discussion on workings of computers, programs, hacking terminologies, analogies to hacks. This chapter addresses the role of security in a software.
2)A Simplest Hack: To keep the reader curious, this chapter demonstrates the simplest hack in a computer program and draws all the essential components in a hacking. Though this is not a real hacking yet, it signifies the role of user input and out of box thinking in a nutshell. This chapter summarizes what a hack constitutes.
3)Web Applications: As the book is about website hacks, it would not be fair enough if there is no content related to the basics, explaining components of a website and the working of a website. This chapter makes the user ready to witness the real website hackings happening from the next chapter.
4)The SQL Injection: Reader’s first exposure to a website attack! SQL injection is most famous cyber-attack in Hackers’ community. This chapter explains causes, the way of exploitation and the solution to the problem. Of course, with a lot of analogies and intuitive examples!
5)Cross-site Scripting: Another flavor of attacks! As usual, the causes, way of exploitation and solution to the problem is described in simple terms. Again, with a lot of analogies!
6)Cross-site Request Forgery: The ultimate attack to be discussed in the book. Explaining why it is different from previous two, the causes, exploitation, solution and at the end, a brief comparison with the previous attack. This chapter uses the terms ‘Check request forgery’ and ‘Cross Bank Plundering’ sarcastically while drawing an analogy!
7)Conclusion: This chapter sums up the discussion by addressing questions like why only 3 attacks have been described? why can’t all websites be secure always? The chapter ends by giving a note to ethical hacking and ethical hackers.