Paperback: 500 pages
Publisher: Syngress; 1 edition (February 15, 2007)
Product Dimensions: 7.1 x 1.4 x 8.9 inches
Shipping Weight: 1.4 pounds
Average Customer Review: 4.2 out of 5 stars (4 customer reviews)
Best Sellers Rank: #2,228,746 in Books #53 in Books > Computers & Technology > Programming > Cross-platform Development #525 in Books > Computers & Technology > Certification > CompTIA #930 in Books > Computers & Technology > Databases & Big Data > SQL
When I came across this book on the O'Reilly website I was immediately interested, as web applications are becoming more and more prevalent. And other than thinking it covered methods of securing web applications, I had no preconceived assumptions. My main aspiration for this book was to give me better awareness of security in the area of web applications and to provide me with some tools. After having read this book I can say that it has done both.

Each of the chapters in this book seems to follow a pattern of first defining the topic, second giving real world examples, and finally providing the reader with solutions. The book begins by providing a history of the hacking methodology and defining the various types of hacking. It was interesting to learn about some of the various hacks and hackers. For example, I had no idea Steve Jobs (Apple Computers) used to be a hacker.

In chapter two the author discusses what he calls a "Code Grinder", and how to not become or produce a code grinder. A code grinder is someone who works in a highly regulated environment where creativity is discouraged. I found it interesting that a code grinder environment typically produces more unsecure code than an environment that is open and promotes creativity.

Chapter three discusses the risks associated with mobile code. Chapter four covers vulnerable CGI scripts and introduces the reader to some tools such as Nikto and Web Hack Control Center to scan your website to find vulnerabilities. The author goes on to discuss the issues faced by the various CGI scripting languages, and then provides an outline of rules for writing secure CGI scripts.

Chapter five covers hacking techniques and tools.