Hacking the Code: ASP.NET Web Application Security

Features

• Cover Type: Paperback with 472 pages
• Published by: Syngress
• Edition: 1st Edition May 2004
• Written in: English
• ISBN 10 Number: 1932266658
• ISBN 13 Number: 978-1932266658
• Book Dimensions: 8.9 x 7.4 x 1.1 inches
• Weighs: 1.4 pounds

Book Description
Hacker Code will have over 400 pages of dedicated exploit, vulnerability, and tool code with corresponding instruction. Unlike other security and programming books that dedicate hundreds of pages to architecture and theory based flaws and exploits, HC1 will dive right into deep code analysis. Previously undisclosed security research in combination with superior programming techniques from Foundstone and other respected organizations will be included in both the Local and Remote Code sections of the book.

The book will be accompanied with a FREE COMPANION CD containing both commented and uncommented versions of the source code examples presented throughout the book. In addition to the book source code, the CD will also contain a copy of the author-developed Hacker Code Library v1.0. The Hacker Code Library will include multiple attack classes and functions that can be utilized to quickly create security programs and scripts. These classes and functions will simplify exploit and vulnerability tool development to an extent never before possible with publicly available software.

* Learn to quickly create security tools that ease the burden of software testing and network administration
* Find out about key security issues regarding vulnerabilities, exploits, programming flaws, and secure code development
* Discover the differences in numerous types of web-based attacks so that developers can create proper quality assurance testing procedures and tools
* Learn to automate quality assurance, management, and development tasks and procedures for testing systems and applications
* Learn to write complex Snort rules based solely upon traffic generated by network tools and exploits

Download Description
Unlike other security and programming books that dedicate hundreds of pages to architecture and theory-based flaws and exploits, Hacker Code dives right into deep code analysis, security tool creation, and software testing. The local code and remote code sections of the book include previously undisclosed security research in combination with superior programming techniques from Foundstone and other respected organizations. --This text refers to the Digital edition.

Reader Reviews
I liked the content here a lot but the organization needs work, and the text is really too terse. In fact, I felt like I was reading an outline. Granted, there are code samples and the book covers all of the important basics, like security database access, validating user input and encrypting critical data. This is good introductory material on the serious security issues that need to be dealt with when you are developing any web application (not just ASP.NET). But the organization, for me, really detracts from the value of the work. The book is organized into chapters along the high level groups of issues like data security, sessions, and authentication. Then within each chapter there are a set of threats with discussions and example code. Think of it like a cookbook where the definition of the problem is a lot more terse. At the end of each chapter is a check list and a short FAQ section. This is not an introductory level book. This is for engineers who understand the ASP.NET framework and are looking for practical advice on how to secure their applications against malicious use. Comment | | (Report this)