This practical guide provides both offensive and defensive security concepts that software engineers can easily learn and apply.

HTML5 -- HTML injection & cross-site scripting (XSS) -- Cross-site request forgery (CSRF) -- SQL injection & data store manipulation -- Breaking authentication schemes -- Abusing design deficiencies -- Leveraging platform weaknesses -- ...

This book's templates, checklists, and examples are designed to help you get started right away.

This innovative book shows you how they do it. This is hands-on stuff.

This expert guide describes a systematic, task-based approach to security that can be applied to both new and existing applications.

Fully revised and updated to cover the latest Web exploitation techniques, Hacking Exposed Web Applications, Second Edition shows you, step-by-step, how cyber-criminals target vulnerable sites, gain access, steal critical data, and execute ...

Web Application Obfuscation takes a look at common Web infrastructure and security controls from an attacker's perspective, allowing the reader to understand the shortcomings of their security systems.

The book is organized into four sections: Provides a clear view of the growing footprint of web applications Explores the foundations of secure web application development and the risk management process Delves into tactical web application ...