XSS Attacks: Cross Site Scripting Exploits and Defense - Couverture souple

Fogie, Seth

 
9781597491549: XSS Attacks: Cross Site Scripting Exploits and Defense
Couverture souple
ISBN 10 : 1597491543 ISBN 13 : 9781597491549
Editeur : Syngress, 2007

Synopsis

A cross site scripting attack is a very specific type of attack on a web application. It is used by hackers to mimic real sites and fool people into providing personal data.

XSS Attacks starts by defining the terms and laying out the ground work. It assumes that the reader is familiar with basic web programming (HTML) and JavaScript. First it discusses the concepts, methodology, and technology that makes XSS a valid concern. It then moves into the various types of XSS attacks, how they are implemented, used, and abused. After XSS is thoroughly explored, the next part provides examples of XSS malware and demonstrates real cases where XSS is a dangerous risk that exposes internet users to remote access, sensitive data theft, and monetary losses. Finally, the book closes by examining the ways developers can avoid XSS vulnerabilities in their web applications, and how users can avoid becoming a victim. The audience is web developers, security practitioners, and managers.

Les informations fournies dans la section « Synopsis » peuvent faire référence à une autre édition de ce titre.

À propos des auteurs

Jeremiah Grossman, founder and chief technology officer of WhiteHat Security, is a world-renowned expert in web application security and a founding member of the Web Application Security Consortium (WASC). At WhiteHat, Mr. Grossman is responsible for web application security R&D and industry evangelism. He is a frequent speaker at industry events including the Black Hat Briefings, ISACA, OWASP, NASA, ISSA and Defcon. A trusted media resource, Mr. Grossman has been featured in USA Today, the Washington Post, Information Week, NBC Nightly News, and many others. Prior to WhiteHat, Mr. Grossman was an information security officer at Yahoo!

Robert Hansen, also known as RSnake, is the founder of the ha.ckers.org web application security lab and has been heavily involved in the hacking and the security industry since the mid 1990s. Robert has worked in banner advertizing and built click fraud detection in his role as CSO for several startups. For many years he ran the managed security services product lines for Cable & Wireless. At eBay he worked on anti-cross site scripting, anti-phishing, anti-virus and web application intrusion detection and countermeasures. He has spoken at Black Hat, the Gartner security round table and at Networld+Interop and he is a member of WASC, OWASP, and ISSA.

Les informations fournies dans la section « A propos du livre » peuvent faire référence à une autre édition de ce titre.

Éditeur
Syngress
Date d'édition
2007
Langue
anglais
ISBN 10 
1597491543
ISBN 13 
9781597491549
Reliure
Broché
Nombre de pages
480
Coordonnées du fabricant
non disponible
Personne responsable
non disponible