Heiderich / Vela Nava / Heyes | Web Application Obfuscation | Buch | 978-1-59749-604-9 | sack.de

Buch, Englisch, 296 Seiten, Format (B × H): 192 mm x 237 mm, Gewicht: 617 g

Heiderich / Vela Nava / Heyes

Web Application Obfuscation

'-/Wafs..Evasion..Filters//Alert(/Obfuscation/)-'
Erscheinungsjahr 2010
ISBN: 978-1-59749-604-9
Verlag: Elsevier Science

'-/Wafs..Evasion..Filters//Alert(/Obfuscation/)-'

Buch, Englisch, 296 Seiten, Format (B × H): 192 mm x 237 mm, Gewicht: 617 g

ISBN: 978-1-59749-604-9
Verlag: Elsevier Science

Web applications are used every day by millions of users, which is why they are one of the most popular vectors for attackers. Obfuscation of code has allowed hackers to take one attack and create hundreds-if not millions-of variants that can evade your security measures. Web Application Obfuscation takes a look at common Web infrastructure and security controls from an attacker's perspective, allowing the reader to understand the shortcomings of their security systems. Find out how an attacker would bypass different types of security controls, how these very security controls introduce new types of vulnerabilities, and how to avoid common pitfalls in order to strengthen your defenses.

Heiderich / Vela Nava / Heyes Web Application Obfuscation jetzt bestellen!

Zielgruppe

<p>Penetration testers, security consultants; IDS Developers; Security Tool Developers; WAF Implementers and Maintainers; Web Developers; and Sys/Net Admins</p>

Autoren/Hrsg.

Heiderich, Mario
Vela Nava, Eduardo Alberto
Heyes, Gareth
Lindsay, David

Fachgebiete

Weitere Infos & Material

Chapter 1: Introduction Chapter 2: HTML Chapter 3: JavaScript and VBScript Chapter 4: Nonalphanumeric JavaScript Chapter 5: CSS Chapter 6: PHP Chapter 7: SQL Chapter 8: Web Application Firewalls and Client-side Filters Chapter 9: Mitigating Bypasses and Attacks Chapter 10: Future Developments

Heyes, Gareth
Gareth Heyes is based in the United Kingdom and does Web security contracting work and the occasional Web development project. He has been a speaker at the Microsoft BlueHat, Confidence Poland, and OWASP conferences, and is the author of many Web-based tools and sandboxes, including Hackvertor, JSReg, CSSReg, and HTMLReg.

Vela Nava, Eduardo Alberto
Eduardo Alberto Vela Nava (Application Security Specialist) works as an information security researcher at Google, Inc., with the task of improving the security of Google and the Internet as a whole, by researching security problems and creating solutions to them. His primary focus is Web application security and browser/plug-in security. He has been a presenter focusing on Web security at several conferences around the world. He previously worked at Alibaba Cloud Computing and Hi5 Networks.

Lindsay, David
David Lindsay is a senior security consultant with Cigital Inc., where he works with industry-leading financial, healthcare, and software companies helping to secure their critical applications. He provides professional assessments and remediation assistance in the form of penetration tests, architecture risk analysis, code review, and security training. He researches Web application security vulnerabilities focusing on emerging security issues related to new standards, frameworks, and architectures. He has spoken at many leading security events over the past few years, including the Microsoft BlueHat, BlackHat, and OWASP conferences.
David graduated from the University of Utah with a master's degree in mathematics.

Heiderich, Mario
Mario Heiderich is a Cologne, Germany-based freelancer and entrepreneur who is devoted to Web application development and security and is currently working on several projects while earning his Ph.D. at Ruhr University in Bochum. He graduated from the University of Applied Sciences in Friedberg/Hessen with a degree in media informatics, and has been working for several German and international companies as a developer and security consultant. In addition to being lead developer for the PHPIDS and author of a German book about Web application security, he has been a speaker at several conferences and a trainer for Web security classes around the world. His work is focused on client-side attacks and defense, especially markup, CSS, and JavaScript, on all major user agents.

Ihre Fragen, Wünsche oder Anmerkungen
Vorname*
Nachname*
Ihre E-Mail-Adresse*
Kundennr.
Ihre Nachricht*
Lediglich mit * gekennzeichnete Felder sind Pflichtfelder.
Wenn Sie die im Kontaktformular eingegebenen Daten durch Klick auf den nachfolgenden Button übersenden, erklären Sie sich damit einverstanden, dass wir Ihr Angaben für die Beantwortung Ihrer Anfrage verwenden. Selbstverständlich werden Ihre Daten vertraulich behandelt und nicht an Dritte weitergegeben. Sie können der Verwendung Ihrer Daten jederzeit widersprechen. Das Datenhandling bei Sack Fachmedien erklären wir Ihnen in unserer Datenschutzerklärung.