Websites and Applications
In This Chapter
Testing websites and web applications
Hacking with Google
Protecting against SQL injection and cross-site scripting
Preventing login weaknesses
Countering web abuse
Analyzing the source code
Websites and web applications are common targets for attack because they’re everywhere and often open for anyone to poke and prod. Basic websites used for marketing, contact information, document downloads, and so on are especially easy for the bad guys to play around with. However, for criminal hackers, websites that provide a front end to complex applications and databases that store valuable information, such as credit card and Social Security numbers, are especially attractive. This is where the money is, both literally and figuratively.
Why are websites and applications so vulnerable? The consensus is that they’re vulnerable because of ...