Hacking the code : ASP.NET web application security /

Mostrar otras versiones (1)

Hacker Code will have over 400 pages of dedicated exploit, vulnerability, and tool code with corresponding instruction. Unlike other security and programming books that dedicate hundreds of pages to architecture and theory based flaws and exploits, HC1 will dive right into deep code analysis. Previo...

Descripción completa

Detalles Bibliográficos
Clasificación:Libro Electrónico
Autor principal: Burnett, Mark (Mark M.)
Otros Autores: Foster, James C.
Formato: Electrónico eBook
Idioma:Inglés
Publicado: Rockland, MA : Syngress Pub., ©2004.
Temas:
Active server pages > Security measures.
Active server pages.
Application software > Security measures.
Computer networks > Security measures.
Logiciels d'application > Sécurité > Mesures.
Réseaux d'ordinateurs > Sécurité > Mesures.
REFERENCE > General.
Security systems.
Acceso en línea:Texto completo (Requiere registro previo con correo institucional)

MARC

LEADER 00000cam a2200000 a 4500
001 OR_ocm55499515
003 OCoLC
005 20231017213018.0
006 m o d
007 cr cnu---unuuu
008 040527s2004 maua o 001 0 eng d
040 |a N$T  |b eng  |e pn  |c N$T  |d OCLCQ  |d YDXCP  |d OCLCQ  |d HNW  |d TUU  |d OCLCQ  |d OKN  |d N$T  |d OCLCQ  |d CSL  |d K6U  |d OCLCF  |d UKMGB  |d NTG  |d BMU  |d B24X7  |d EBLCP  |d OPELS  |d DKDLA  |d IOD  |d CUY  |d ZCU  |d MERUC  |d CCO  |d E7B  |d DEBSZ  |d TEFOD  |d OCLCQ  |d AZK  |d LOA  |d COCUF  |d CNNOR  |d SUR  |d MOR  |d PIFBR  |d LIV  |d OCLCQ  |d SAV  |d OCLCO  |d WY@  |d U3W  |d OCL  |d LUE  |d OCL  |d STF  |d BRL  |d WRM  |d D6H  |d NRAMU  |d NLE  |d INT  |d VT2  |d TOF  |d OCLCQ  |d OCLCO  |d COO  |d A6Q  |d OCLCQ  |d OCLCO  |d LEAUB  |d YDX  |d OL$  |d OCLCQ  |d CHBRC  |d OCLCQ  |d VLY  |d UKCRE  |d INARC  |d OCLCO  |d OCLCQ  |d IOY  |d OCLCQ  |d COA  |d OCLCQ 
016 7 |a 009725922  |2 Uk 
016 7 |a 017581701  |2 Uk 
019 |a 60365450  |a 62475892  |a 85844461  |a 162599225  |a 232158056  |a 507200996  |a 531339917  |a 559329074  |a 606025298  |a 630212053  |a 647365112  |a 722257511  |a 728015042  |a 961629416  |a 961635322  |a 962584880  |a 962719410  |a 965979173  |a 984877094  |a 988476459  |a 991950365  |a 992098714  |a 1035659360  |a 1037512157  |a 1038588654  |a 1045495603  |a 1053325821  |a 1055376211  |a 1076311178  |a 1081289449  |a 1103256349  |a 1129359244  |a 1135404308  |a 1152988002  |a 1162005808  |a 1192331312  |a 1228527951  |a 1240520941  |a 1340071108 
020 |a 1931836434  |q (electronic bk.) 
020 |a 9781931836432  |q (electronic bk.) 
020 |a 9781932266658  |q (electronic bk.) 
020 |a 1932266658  |q (electronic bk.) 
020 |a 9780080478173  |q (electronic bk.) 
020 |a 0080478174  |q (electronic bk.) 
020 |a 1281056286 
020 |a 9781281056283 
020 |a 9786611056285 
020 |a 6611056289 
020 |z 9781931836434 
024 8 |a (WaSeSS)ssj0000166815 
029 1 |a AU@  |b 000051860324 
029 1 |a AU@  |b 000053016989 
029 1 |a AU@  |b 000053223647 
029 1 |a CHNEW  |b 001004676 
029 1 |a DEBBG  |b BV042307714 
029 1 |a DEBSZ  |b 405314353 
029 1 |a DEBSZ  |b 449062406 
029 1 |a GBVCP  |b 80114146X 
029 1 |a NZ1  |b 11924900 
029 1 |a UKMGB  |b 017581701 
035 |a (OCoLC)55499515  |z (OCoLC)60365450  |z (OCoLC)62475892  |z (OCoLC)85844461  |z (OCoLC)162599225  |z (OCoLC)232158056  |z (OCoLC)507200996  |z (OCoLC)531339917  |z (OCoLC)559329074  |z (OCoLC)606025298  |z (OCoLC)630212053  |z (OCoLC)647365112  |z (OCoLC)722257511  |z (OCoLC)728015042  |z (OCoLC)961629416  |z (OCoLC)961635322  |z (OCoLC)962584880  |z (OCoLC)962719410  |z (OCoLC)965979173  |z (OCoLC)984877094  |z (OCoLC)988476459  |z (OCoLC)991950365  |z (OCoLC)992098714  |z (OCoLC)1035659360  |z (OCoLC)1037512157  |z (OCoLC)1038588654  |z (OCoLC)1045495603  |z (OCoLC)1053325821  |z (OCoLC)1055376211  |z (OCoLC)1076311178  |z (OCoLC)1081289449  |z (OCoLC)1103256349  |z (OCoLC)1129359244  |z (OCoLC)1135404308  |z (OCoLC)1152988002  |z (OCoLC)1162005808  |z (OCoLC)1192331312  |z (OCoLC)1228527951  |z (OCoLC)1240520941  |z (OCoLC)1340071108 
037 |a C6BE26C9-DA74-4299-96DD-D8C6DA3C111D  |b OverDrive, Inc.  |n http://www.overdrive.com 
050 4 |a TK5105.59  |b B87 2004eb 
060 4 |a TK 5105.59  |b B87 2004 
072 7 |a REF  |x 000000  |2 bisacsh 
082 0 4 |a 005.276  |2 22 
049 |a UAMI 
100 1 |a Burnett, Mark  |q (Mark M.) 
245 1 0 |a Hacking the code :  |b ASP.NET web application security /  |c Mark Burnett, James C. Foster, technical ed. 
246 3 |a ASP.NET web application security 
260 |a Rockland, MA :  |b Syngress Pub.,  |c ©2004. 
300 |a 1 online resource (xxiii, 447 pages) :  |b illustrations 
336 |a text  |b txt  |2 rdacontent 
337 |a computer  |b c  |2 rdamedia 
338 |a online resource  |b cr  |2 rdacarrier 
347 |a data file 
500 |a Includes index. 
588 0 |a Print version record. 
520 |a Hacker Code will have over 400 pages of dedicated exploit, vulnerability, and tool code with corresponding instruction. Unlike other security and programming books that dedicate hundreds of pages to architecture and theory based flaws and exploits, HC1 will dive right into deep code analysis. Previously undisclosed security research in combination with superior programming techniques from Foundstone and other respected organizations will be included in both the Local and Remote Code sections of the book. The book will be accompanied with a FREE COMPANION CD containing both commented and uncommented versions of the source code examples presented throughout the book. In addition to the book source code, the CD will also contain a copy of the author-developed Hacker Code Library v1.0. The Hacker Code Library will include multiple attack classes and functions that can be utilized to quickly create security programs and scripts. These classes and functions will simplify exploit and vulnerability tool development to an extent never before possible with publicly available software. * Learn to quickly create security tools that ease the burden of software testing and network administration * Find out about key security issues regarding vulnerabilities, exploits, programming flaws, and secure code development * Discover the differences in numerous types of web-based attacks so that developers can create proper quality assurance testing procedures and tools * Learn to automate quality assurance, management, and development tasks and procedures for testing systems and applications * Learn to write complex Snort rules based solely upon traffic generated by network tools and exploits. 
505 0 |a Chapter 1 Managing Users; ; Introduction; ; Understanding the Threats; ; Establishing User Credentials; ; Enforcing Strong Passwords; ; Avoiding Easily Guessed Credentials; ; Preventing Credential Harvesting; ; Limiting Idle Accounts; ; Managing Passwords; ; Storing Passwords; ; Password Aging and Histories; ; Changing Passwords; ; Resetting Lost or Forgotten Passwords; ; Resetting Passwords; ; Sending Information Via E-Mail; ; Assigning Temporary Passwords; ; Using Secret Questions; ; Empowering Users; ; Educating Users; ; Involving Users; ; Coding Standards Fast Track; ; Establishing User Credentials; ; Managing Passwords; ; Resetting Lost or Forgotten Passwords. 
505 0 |a Empowering Users; ; Code Audit Fast Track; ; Establishing User Credentials; ; Managing Passwords; ; Resetting Lost or Forgotten Passwords; ; Empowering Users; ; Frequently Asked Questions; ; Chapter 2 Authenticating and Authorizing Users; ; Introduction; ; Understanding the Threats; ; Authenticating Users; ; Building Login Forms; ; Using Forms Authentication; ; Using Windows Authentication; ; Using Passport Authentication; ; Blocking Brute-Force Attacks; ; Authorizing Users; ; Deciding How to Authorize; ; Employing File Authorization; ; Applying URL Authorization; ; Authorizing Users Through Code; ; Coding Standards Fast Track; ; Authenticating Users; ; Authorizing. 
505 0 |a Users; ; Code Audit Fast Track; ; Authenticating Users; ; Authorizing Users; ; Frequently Asked Questions; ; Chapter 3 Managing Sessions; ; Introduction; ; Session Tokens; ; Authentication Tokens; ; Understanding the Threats; ; Maintaining State; ; Designing a Secure Token; ; Selecting a Token Mechanism; ; Using State Providers; ; Using ASP.NET Tokens; ; Using Cookies; ; Working with View State; ; Enhancing ASP.NET State Management; ; Creating Tokens; ; Terminating Sessions; ; Coding Standards Fast Track; ; Maintaining State; ; Using ASP.NET Tokens; ; Enhancing ASP.NET State Management; ; Code Audit Fast Track; ; Maintaining State; ; Using ASP.NET. 
505 0 |a Tokens; ; Enhancing ASP.NET State Management; ; Frequently Asked Questions; ; Chapter 4 Encrypting Private Data; ; Introduction; ; Using Cryptography in ASP.NET; ; Employing Symmetric Cryptography; ; Using Asymmetric Cryptography; ; Working with Hashing Algorithms; ; Working with .NET Encryption Features; ; Creating Random Numbers; ; Keeping Memory Clean; ; Protecting Secrets; ; Protecting Communications with SSL; ; Coding Standards Fast Track; ; Using Cryptography in ASP.NET; ; Working with .NET Encryption Features; ; Code Audit Fast Track; ; Using Cryptography in ASP.NET; ; Working with .NET Encryption Features; ; Frequently Asked Questions; ; Chapter 5 Filtering User Input; ; Introduction; ; Handling Malicious. 
505 0 |a Input; ; Identifying Input Sources; ; Programming Defensively; ; Constraining Input; ; Bounds Checking; ; Pattern Matching; ; Data Reflecting; ; Encoding Data; ; Encapsulating; ; Parameterizing; ; Double Decoding; ; Syntax Checking; ; Exception Handling; ; Honey Drops; ; Limiting Exposure to Malicious Input; ; Reducing the Attack Surface; ; Limiting Attack Scope; ; Hardening Server Applications; ; Coding Standards Fast Track; ; Handling Malicious Input; ; Constraining Input; ; Limiting Exposure to Malicious Input; ; Code Audit Fast Track; ; Handling Malicious Input; ; Limiting Exposure to Malicious Input; ; Frequently Asked. 
505 0 |a Questions; ; Chapter 6 Accessing Data; ; Introduction; ; Securing Databases; ; Securing the Database Location; ; Limiting the Attack Surface; ; Ensuring Least Privilege; ; Securing the Database; ; Writing Secure Data Access Code; ; Connecting to the Data Source; ; Preventing SQL Injection; ; Writing Secure SQL Code; ; Reading and Writing to Data Files; ; Coding Standards Fast Track; ; Securing Database Drivers; ; Securing Databases; ; Writing Secure Data Access Code; ; Code Audit Fast Track; ; Securing Database Drivers; ; Securing the Database; ; Writing Secure Data Access Code; ; Frequently Asked Questions; ; Chapter 7 Developing Secure ASP.NET Applications; ; Introduction. 
505 0 |a Understanding the Threats; ; Writing Secure HTML; ; Constructing Safe HTML; ; Preventing Information Leaks; ; Handling Exceptions; ; Using Structured Error Handling; ; Reporting and Logging Errors; ; Coding Standards Fast Track; ; Writing Secure HTML; ; Handling Exceptions; ; Code Audit Fast Track; ; Writing Secure HTML; ; Handling Exceptions; ; Frequently Asked Questions; ; Chapter 8 Securing XML; ; Introduction; ; Applying XML Encryption; ; Encrypting XML Data; ; Applying XML Digital Signatures; ; Signing XML Data; ; Coding Standards Fast Track; ; Applying XML Encryption; ; Applying XML Digital Signatures; ; Coding Audit Fast Track; ; Applying XML Encryption; ; Applying XML. 
505 0 |a Digital Signatures; ; Frequently Asked Questions; ; Appendix A Understanding .NET Security; ; Introduction; ; Permissions; ; Principal; ; Authentication; ; Authorization; ; Security Policy; ; Type Safety; ; Code Access Security; ; .NET Code Access Security Model; ; Role-Based Security; ; Principals; ; Role-Based Security Checks; ; Security Policies; ; Creating a New Permission Set; ; Modifying the Code Group Structure; ; Remoting Security; ; Cryptography; ; Security Tools; ; Summary> 
546 |a English. 
590 |a O'Reilly  |b O'Reilly Online Learning: Academic/Public Library Edition 
630 0 0 |a Active server pages  |x Security measures. 
630 0 7 |a Active server pages.  |2 fast  |0 (OCoLC)fst01388618 
650 0 |a Application software  |x Security measures. 
650 0 |a Computer networks  |x Security measures. 
650 6 |a Logiciels d'application  |x Sécurité  |x Mesures. 
650 6 |a Réseaux d'ordinateurs  |x Sécurité  |x Mesures. 
650 7 |a REFERENCE  |x General.  |2 bisacsh 
650 7 |a Computer networks  |x Security measures.  |2 fast  |0 (OCoLC)fst00872341 
650 7 |a Security systems.  |2 fast  |0 (OCoLC)fst01110883 
700 1 |a Foster, James C. 
776 0 8 |i Print version:  |a Burnett, Mark.  |t Hacking the code.  |d Rockland, MA : Syngress Pub., ©2004  |z 1932266658  |w (OCoLC)55222477 
856 4 0 |u https://learning.oreilly.com/library/view/~/9781932266658/?ar  |z Texto completo (Requiere registro previo con correo institucional) 
938 |a Books 24x7  |b B247  |n bks00003686 
938 |a ProQuest Ebook Central  |b EBLB  |n EBL183932 
938 |a ebrary  |b EBRY  |n ebr10056575 
938 |a EBSCOhost  |b EBSC  |n 109417 
938 |a Internet Archive  |b INAR  |n hackingcodeaspne0000burn 
938 |a YBP Library Services  |b YANK  |n 2613265 
938 |a YBP Library Services  |b YANK  |n 2361830 
994 |a 92  |b IZTAP 

Ejemplares similares