Description:
This book is a practical guide to discovering and exploiting security flaws in web applications. The authors explain each category of vulnerability using real-world examples, screenshots and code extracts. The book is extremely practical in focus, and describes in detail the steps involved in detecting and exploiting each kind of security weakness found within a variety of applications such as online banking, e-commerce and other web applications. The topics covered include bypassing login mechanisms, injecting code, exploiting logic flaws and compromising other users. Because every web application is different, attacking them entails bringing to bear various general principles, techniques and experience in an imaginative way. The most successful hackers go beyond this, and find ways to automate their bespoke attacks. This handbook describes a proven methodology that combines the virtues of human intelligence and computerized brute force, often with devastating results. The authors are professional penetration testers who have been involved in web application security for nearly a decade. They have presented training courses at the Black Hat security conferences throughout the world. Under the alias PortSwigger, Dafydd developed the popular Burp Suite of web application hack tools.
About the authors:
Dafydd Stuttard is a Principal Security Consultant at Next Generation Security Software, where he leads the web application security competency. He has nine years' experience in security consulting and specializes in the penetration testing of web applications and compiled software. Dafydd has worked with numerous banks, retailers, and other enterprises to help secure their web applications, and has provided security consulting to several software manufacturers and governments to help secure their compiled software. Dafydd is an accomplished programmer in several languages, and his interests include developing tools to facilitate all kinds of software security testing. Dafydd has developed and presented training courses at the Black Hat security conferences around the world. Under the alias PortSwigger, Dafydd created the popular Burp Suite of web application hacking tools. Dafydd holds master's and doctorate degrees in philosophy from the University of Oxford.
Marcus Pinto is a Principal Security Consultant at Next Generation Security Software, where he leads the database competency development team, and has led the development of NGS' primary training courses. He has eight years' experience in security consulting and specializes in penetration testing of web applications and supporting architectures. Marcus has worked with numerous banks, retailers, and other enterprises to help secure their web applications, and has provided security consulting to the development projects of several security-critical applications. He has worked extensively with large-scale web application deployments in the financial services industry. Marcus has developed and presented database and web application training courses at the Black Hat and other security conferences around the world. Marcus holds a master's degree in physics from the University of Cambridge.