Web Application Obfuscation: '-/WAFs..Evasion..Filters//alert(/Obfuscation/)-' (Paperback)

Mario Heiderich, Eduardo Alberto Vela Nava, Gareth Heyes, David Lindsay

  • 出版商: Syngress Media
  • 出版日期: 2010-12-10
  • 售價: $2,010
  • 貴賓價: 9.5$1,910
  • 語言: 英文
  • 頁數: 282
  • 裝訂: Paperback
  • ISBN: 1597496049
  • ISBN-13: 9781597496049
  • 海外代購書籍(需單獨結帳)

買這商品的人也買了...

相關主題

商品描述

Web applications are used every day by millions of users, which is why they are one of the most popular vectors for attackers. Obfuscation of code has allowed hackers to take one attack and create hundreds-if not millions-of variants that can evade your security measures. Web Application Obfuscation takes a look at common Web infrastructure and security controls from an attacker's perspective, allowing the reader to understand the shortcomings of their security systems. Find out how an attacker would bypass different types of security controls, how these very security controls introduce new types of vulnerabilities, and how to avoid common pitfalls in order to strengthen your defenses.




  • Looks at security tools like IDS/IPS that are often the only defense in protecting sensitive data and assets

  • Evaluates Web application vulnerabilties from the attacker's perspective and explains how these very systems introduce new types of vulnerabilities

  • Teaches how to secure your data, including info on browser quirks, new attacks and syntax tricks to add to your defenses against XSS, SQL injection, and more

商品描述(中文翻譯)

網路應用程式每天被數百萬用戶使用,因此它們成為攻擊者最常見的攻擊目標之一。代碼的混淆使黑客能夠將一次攻擊轉化為數百甚至數百萬個變體,從而避開您的安全措施。《Web Application Obfuscation》從攻擊者的角度探討了常見的網路基礎設施和安全控制,讓讀者了解其安全系統的不足之處。了解攻擊者如何繞過不同類型的安全控制,這些安全控制如何引入新的漏洞,以及如何避免常見的陷阱以加強您的防禦。

- 研究像 IDS/IPS 這樣的安全工具,這些工具通常是保護敏感數據和資產的唯一防線
- 從攻擊者的角度評估網路應用程式的漏洞,並解釋這些系統如何引入新的漏洞
- 教授如何保護您的數據,包括瀏覽器特性、新的攻擊和語法技巧,以增強對 XSS、SQL 注入等攻擊的防禦