Professional Pen Testing for Web Applications (專業網頁應用程式滲透測試)

Andres Andreu

  • 出版商: Wrox Press
  • 出版日期: 2006-07-01
  • 定價: $1,800
  • 售價: 2.2$399
  • 語言: 英文
  • 頁數: 548
  • 裝訂: Paperback
  • ISBN: 0471789666
  • ISBN-13: 9780471789666
  • 相關分類: 資訊安全駭客 Hack
  • 立即出貨(限量) (庫存=4)

買這商品的人也買了...

相關主題

商品描述

Description

There is no such thing as "perfect security" when it comes to keeping all systems intact and functioning properly. Good penetration (pen) testing creates a balance that allows a system to be secure while simultaneously being fully functional. With this book, you'll learn how to become an effective penetrator (i.e., a white hat or ethical hacker) in order to circumvent the security features of a Web application so that those features can be accurately evaluated and adequate security precautions can be put in place.

After a review of the basics of web applications, you'll be introduced to web application hacking concepts and techniques such as vulnerability analysis, attack simulation, results analysis, manuals, source code, and circuit diagrams. These web application hacking concepts and techniques will prove useful information for ultimately securing the resources that need your protection.

What you will learn from this book

  • Surveillance techniques that an attacker uses when targeting a system for a strike
  • Various types of issues that exist within the modern day web application space
  • How to audit web services in order to assess areas of risk and exposure
  • How to analyze your results and translate them into documentation that is useful for remediation
  • Techniques for pen-testing trials to practice before a live project

Who this book is for

This book is for programmers, developers, and information security professionals who want to become familiar with web application security and how to audit it.

Wrox Professional guides are planned and written by working programmers to meet the real-world needs of programmers, developers, and IT professionals. Focused and relevant, they address the issues technology professionals face every day. They provide examples, practical solutions, and expert education in new technologies, all designed to help programmers do a better job.

商品描述(中文翻譯)

描述

在保持所有系統完整並正常運作方面,「完美的安全」是不存在的。良好的滲透測試可以在系統保持安全的同時保持其完全功能。通過本書,您將學習如何成為一名有效的滲透者(即白帽駭客或道德駭客),以繞過網絡應用程序的安全功能,從而準確評估這些功能並採取足夠的安全預防措施。

在介紹網絡應用程序入侵概念和技術(如漏洞分析、攻擊模擬、結果分析、手冊、源代碼和電路圖)之後,您將了解到這些網絡應用程序入侵概念和技術對於最終保護需要您保護的資源非常有用。

本書將教您以下內容:
- 攻擊者在對系統進行攻擊時使用的監視技術
- 現代網絡應用程序領域存在的各種問題類型
- 如何審計網絡服務以評估風險和曝光領域
- 如何分析結果並將其轉化為有用的修復文檔
- 在實際項目之前進行滲透測試試驗的技巧

本書適合程序員、開發人員和信息安全專業人員,他們希望熟悉網絡應用程序安全性以及如何進行審計。

Wrox專業指南由在職程序員計劃和撰寫,以滿足程序員、開發人員和IT專業人員的實際需求。這些指南聚焦且相關,涉及技術專業人員每天面臨的問題。它們提供實例、實用解決方案和專家教育,旨在幫助程序員做得更好。