Web Hacking

Book title - Web Hacking Attacks and Defense
Publisher - Addison-Wesley
ISBN - 0-201-76176-9
Authors - McClure/Shah/Shah

This book should be in every webmaster and web developers library.

The authors present in a very understandable way the vulnerabilies and fixes for many different web exploits.

A basic summary of covered topics:

Web Languages
Web Data base server
Shopping carts
Protocols
Detailed description of URL's and URL encoding and abusing
Java
Buffer Overflows
( The list is much larger )

They also provide several case studies so you can see how it is done in the real world

There is an incredible amount of information in this book

Enjoy :)

There was a good and clear tutorial on how to web crack a couple of days ago- i wouldn't use but am constantly amazed that someone will put all that time and energy into figuring something like that out

Web Hacking Attacks and Defense is good if you are getting into web application security, However I found "Hacking Exposed Web applications" much better but it is a bit more hardcore. Having a good idea of web technologyies is a great help.

Personally I would go with "Hacking Exposed web applications" and read the a web site www.owasp.org The two of them cover almost everything!

Am I right in thinking that Web Hacking Attacks and Defense is another book from foundstone?

SittingDuck

I will order the "Hacking Exposed Web Applications" book today. I have read other "Exposed" books and they are very good also. One of the Authers of this this book (Stuart McClure) is also the author of "Hacking Exposed"

The authors are from Foundstone but the book is published by Addison-Wesley.

Thanks for the heads up on the other book.