Cross Site Scripting Attacks: Cross Site Scripting Exploits and Defense
 
 

Cross Site Scripting Attacks: Cross Site Scripting Exploits and Defense (Paperback)

by Seth Fogie (Author)
4.3 out of 5 stars (3 customer reviews)
RRP: £38.00
Price: £36.10 (delivered free in the UK with Super Saver Delivery)
You Save: £1.90 (5%)
Frequently Bought Together

Customers buy this book with The Web Application Hacker's Handbook: Discovering and Exploiting Security Flaws by Dafydd Stuttard

Cross Site Scripting Attacks: Cross Site Scripting Exploits and Defense + The Web Application Hacker's Handbook: Discovering and Exploiting Security Flaws
Price For Both: £58.19



Customers Who Bought This Item Also Bought

  • The Web Application Hacker's Handbook: Discovering and Exploiting Security Flaws, by Dafydd Stuttard. 3.0 out of 5 stars (2), £22.09
  • Fuzzing: Brute Force Vulnerability Discovery, by Michael Sutton. 5.0 out of 5 stars (2), £33.99
  • Metasploit Toolkit for Penetration Testing, Exploit Development, and Vulnerability Research, by David Maynor. 4.0 out of 5 stars (1), £28.49
  • Professional Pen Testing for Web Applications (Programmer to Programmer), by Andres Andreu. 5.0 out of 5 stars (1), £18.19
  • Ajax Security, by Billy Hoffman. £30.59

Product details

  • Paperback: 480 pages
  • Publisher: Syngress Media (1 Jun 2007)
  • Language: English
  • ISBN-10: 1597491543
  • ISBN-13: 978-1597491549
  • Product Dimensions: 23.1 x 19 x 3.3 cm
  • Average Customer Review: 4.3 out of 5 stars (3 customer reviews)
  • Amazon.co.uk Sales Rank: 301,567 in Books

Product Description

Cross Site Scripting Attacks starts by defining the terms and laying out the groundwork. It assumes that the reader is familiar with basic web programming (HTML) and JavaScript. First it discusses the concepts, methodology, and technology that make XSS a valid concern. It then moves into the various types of XSS attacks, how they are implemented, used, and abused. After XSS is thoroughly explored, the next part provides examples of XSS malware and demonstrates real cases where XSS is a dangerous risk that exposes internet users to remote access, sensitive data theft, and monetary losses. Finally, the book closes by examining the ways developers can avoid XSS vulnerabilities in their web applications, and how users can avoid becoming victims. The audience is web developers, security practitioners, and managers.

*XSS vulnerabilities exist in 8 out of 10 Web sites
*The authors of this book are the undisputed industry-leading authorities
*Contains independent, bleeding-edge research, code listings and exploits that cannot be found anywhere else

About the Author
Seth Fogie is the VP of Dallas-based Airscanner Corporation, where he oversees the development of security software for the Windows Mobile (Pocket PC) platform. He has co-authored numerous technical books on information security, including the top-selling "Maximum Wireless Security" from SAMS, and "Security Warrior" from O'Reilly. Seth frequently speaks at IT and security conferences/seminars, including Black Hat, Defcon, CSI, and Dallascon. In addition, Seth has co-authored the HIPAA medical education course for the Texas Medical Associate and is acting Site Host for Security at the "InformIT.com" website, where he writes articles and reviews/manages weekly information security related books and articles.

Jeremiah Grossman, founder and chief technology officer of WhiteHat Security, is a world-renowned expert in web application security and a founding member of the Web Application Security Consortium (WASC). At WhiteHat, Mr. Grossman is responsible for web application security R&D and industry evangelism. He is a frequent speaker at industry events including the Black Hat Briefings, ISACA, OWASP, NASA, ISSA and Defcon. A trusted media resource, Mr. Grossman has been featured in USA Today, the Washington Post, Information Week, NBC Nightly News, and many others. Prior to WhiteHat, Mr. Grossman was an information security officer at Yahoo!

Robert Hansen, also known as RSnake, is the founder of the ha.ckers.org web application security lab and has been heavily involved in the hacking and the security industry since the mid 1990s. Robert has worked in banner advertising and built click fraud detection in his role as CSO for several startups. For many years he ran the managed security services product lines for Cable & Wireless. At eBay he worked on anti-cross site scripting, anti-phishing, anti-virus and web application intrusion detection and countermeasures. He has spoken at Black Hat, the Gartner security round table and at Networld+Interop, and he is a member of WASC, OWASP, and ISSA.

Anton Rager is a Sr. Security Engineer with Avaya Labs and a founding member of Avaya's Enterprise Security Practice. He specializes in vulnerability research, VPN security and wireless security and is best known for his WEPCrack, WEPWedgie and IKECrack security tools. He has presented at Defcon, Toorcon, Interz0ne and many other lesser-known conferences, and was a contributing technical editor to the book Maximum Wireless Security.

Petko "pdp" D. Petkov is a senior IT security consultant based in London, United Kingdom. His day-to-day work involves identifying vulnerabilities, building attack strategies and creating attack tools and penetration testing infrastructures. Petko is known in the underground circles as pdp or architect but his name is well known in the IT security industry for his strong technical background and creative thinking. He has been working for some of the world's top companies, providing consultancy on the latest security vulnerabilities and attack technologies. His latest project, GNUCITIZEN (gnucitizen.org), is one of the leading web application security resources on-line where part of his work is disclosed for the benefit of the public. Petko defines himself as a cool hunter in the security circles.


Customer Reviews

3 Reviews
5 star: (2)
4 star: (0)
3 star: (1)
2 star: (0)
1 star: (0)

Average Customer Review: 4.3 out of 5 stars (3 customer reviews)

Most Helpful Customer Reviews

3.0 out of 5 stars Spoiled by poor English, 15 Jun 2009
I found the standard of English in this book to be so poor that at times it actually prevented clear understanding of the points being expressed. They have obviously used a spell-checker but not had it proof-read by a human being.
The content itself was adequate.



 
5.0 out of 5 stars A great read, 26 Feb 2008
By K. H. Smith "C" (Seattle)
This book is pretty much where it's at with regard to the various forms of XSS. The only downside I can think of is it doesn't seem to have been proof read, or if it has, by someone who can't read.



 
0 of 1 people found the following review helpful:
5.0 out of 5 stars XSS is everywhere, 2 Oct 2007
XSS is everywhere, it is one of the most common web attacks against web sites - ranging from defacement, worms and identity theft. But most of all it's so easy to fix.

This is a good easy read - helping those to understand what it is and others on how to exploit this in an ethical way.

Pentesters this should be another on your bookshelf.