INDEX

& (ampersand), 258, 259

* (asterisk), 238

∧ (caret), 255

% (percent sign), 237

_ (underscore), 238

; (semicolon), 258, 259

< > (angle brackets), 261

! character, 58

I (pipe) character, 258

3DES key, 290–291

Image A

access control, 107, 262

access control lists. See ACLs

access tokens, 168, 170–172

access/session token attacks, 178–195

account lockouts, 126–127, 128, 132, 381

accountability, 401–403, 405

Achilles tool, 26

ACLs (access control lists)

attacks on, 177–178

best practices, 211–214

considerations, 111, 168

file disclosure and, 320

NTFS, 111–112

web crawling, 169–170

Acrobat Reader, 346

Active Server Pages. See ASP

ActiveX controls ...

Get Hacking Exposed Web Applications, Third Edition, 3rd Edition now with O’Reilly online learning.

O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.