Ebook The basics of web hacking - Tools and techniques to attack the web

Ebook "The basics of web hacking - Tools and techniques to attack the web" includes content: The basics of web hacking, web server hacking, web application exploitation with injection, web application recon and scanning, web application exploitation, web user hacking, fixes.
Nội dung trích xuất từ tài liệu:
Ebook The basics of web hacking - Tools and techniques to attack the web i The Basics of Web Hacking iii The Basics of Web Hacking Tools and Techniques to Attack the Web Josh Pauli Scott White, Technical Editor AMSTERDAM • BOSTON • HEIDELBERG • LONDON NEW YORK • OXFORD • PARIS • SAN DIEGO SAN FRANCISCO • SINGAPORE • SYDNEY • TOKYO Syngress is an Imprint of Elsevier Acquiring Editor: Chris Katsaropoulos Editorial Project Manager: Benjamin Rearick Project Manager: Priya Kumaraguruparan Designer: Mark Rogers Syngress is an imprint of Elsevier 225 Wyman Street, Waltham, MA 02451, USA Copyright © 2013 Elsevier, Inc. All rights reserved. No part of this publication may be reproduced or transmitted in any form or by any means, electronic or mechanical, including photocopying, recording, or any information storage and retrieval system, without permission in writing from the publisher. Details on how to seek permission, further information about the Publisher’s permissions policies and our arrangements with organizations such as the Copyright Clearance Center and the Copyright Licensing Agency, can be found at our website: www.elsevier.com/ permissions. This book and the individual contributions contained in it are protected under copyright by the Publisher (other than as may be noted herein). Notices Knowledge and best practice in this field are constantly changing. As new research and experience broaden our understanding, changes in research methods or professional practices, may become necessary. Practitioners and researchers must always rely on their own experience and knowledge in evaluating and using any information or methods described herein. In using such information or methods they should be mindful of their own safety and the safety of others, including parties for whom they have a professional responsibility. To the fullest extent of the law, neither the Publisher nor the authors, contributors, or editors, assume any liability for any injury and/or damage to persons or property as a matter of products liability, negligence or otherwise, or from any use or operation of any methods, products, instructions, or ideas contained in the material herein. Library of Congress Cataloging-in-Publication Data Pauli, Joshua J.   The basics of web hacking : tools and techniques to attack the Web / Josh Pauli.   pages cm   Includes bibliographical references and index.   ISBN 978-0-12-416600-4   1.  Web sites–Security measures.  2.  Web applications–Security measures.  3.  Computer networks– Security measures.  4.  Penetration testing (Computer security)  5.  Computer hackers.  6.  Computer crimes–Prevention. I. Title.   TK5105.59.P385 2013  005.8–dc23 2013017240 British Library Cataloguing-in-Publication Data A catalogue record for this book is available from the British Library. ISBN: 978-0-12-416600-4 Printed in the United States of America 13 14 15  10 9 8 7 6 5 4 3 2 1 For information on all Syngress publications, visit our website at www.syngress.com. Dedication This book is dedicated to my lovely wife, Samantha, and my two wonderful daughters, Liz and Maddie. I love you all very much. v Acknowledgments HONEY BEAR vi To my wife, Samantha: We’ve come a long way since being scared teenagers expecting a baby! Your support no matter the projects I take on, your under- standing no matter how much I complain, and your composure no matter what comes at our family are legendary and have kept our family chugging along. LIZARD To my oldest daughter, Liz: Your work ethic, attention to detail, and drive to suc- ceed are an inspiration to me. I’m looking forward to the coming years as you take on your next challenges, as I have no doubt you will succeed with flying colors! BABY BIRD To my youngest daughter, Maddie: Your smile and playful nature always pick me up and make me realize how good we have it. If four open-heart surgeries won’t slow you down, what excuse does anybody else have? Keep smiling, playing, and being yourself—we’re all better off that way! FAMILY AND FRIENDS Huge thanks to Merm, Tara, Halverto, Stacy & Steph, Luke & Tracy, David, Dr. B, Crony, my DSU students, and everybody else that I’ve surely forgotten that have provided friendship and support. Salute! And a special note to Dr. Patrick Engebretson, a great friend and colleague, that I’ve shared many beers, fried goodies, stories, car rides, and office visits with. Your assistance through this publishing process has been a tremendous help. Do work, big boy! Last, to my parents, Dr. Wayne and Dr. Crystal Pauli: It appears that those years of twisting my ear, filling my mouth full of soap, and breaking wooden spoons on my butt have finally paid off! (That stuff was allowed in the 1980s and it’s obvious now that I wasn’t the easiest child to raise.) Your love and support have never wavered and I couldn’t ask for better parents. SECURITY COMMUNITY Man, what a group. It doesn’t matter if you’re a complete beginner, a super l33t hacker, or anywhere in between, you’re always welcome if you’re willing to learn Acknowledgments vii and explore. As a South Dakota guy, I ...