INDEX

& (ampersand), 258, 259

* (asterisk), 238

∧ (caret), 255

% (percent sign), 237

_ (underscore), 238

; (semicolon), 258, 259

< > (angle brackets), 261

! character, 58

I (pipe) character, 258

3DES key, 290–291

Image A

access control, 107, 262

access control lists. See ACLs

access tokens, 168, 170–172

access/session token attacks, 178–195

account lockouts, 126–127, 128, 132, 381

accountability, 401–403, 405

Achilles tool, 26

ACLs (access control lists)

attacks on, 177–178

best practices, 211–214

considerations, 111, 168

file disclosure and, 320

NTFS, 111–112

web crawling, 169–170

Acrobat Reader, 346

Active Server Pages. See ASP

ActiveX controls ...

Get Hacking Exposed Web Applications, Third Edition, 3rd Edition now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial