O'Reilly logo

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

Hacking the Code

Book Description

Hacking the Code has over 400 pages of dedicated exploit, vulnerability, and tool code with corresponding instruction. Unlike other security and programming books that dedicate hundreds of pages to architecture and theory based flaws and exploits, Hacking the Code dives right into deep code analysis. Previously undisclosed security research in combination with superior programming techniques from Foundstone and other respected organizations is included in both the Local and Remote Code sections of the book.

The book is accompanied with a FREE COMPANION CD containing both commented and uncommented versions of the source code examples presented throughout the book. In addition to the book source code, the CD also contains a copy of the author-developed Hacker Code Library v1.0. The Hacker Code Library includes multiple attack classes and functions that can be utilized to quickly create security programs and scripts. These classes and functions simplify exploit and vulnerability tool development to an extent never before possible with publicly available software.

  • Learn to quickly create security tools that ease the burden of software testing and network administration
  • Find out about key security issues regarding vulnerabilities, exploits, programming flaws, and secure code development
  • Discover the differences in numerous types of web-based attacks so that developers can create proper quality assurance testing procedures and tools
  • Learn to automate quality assurance, management, and development tasks and procedures for testing systems and applications
  • Learn to write complex Snort rules based solely upon traffic generated by network tools and exploits

Table of Contents

  1. Cover
  2. Title page
  3. Table of Contents
  4. Copyright
  5. Acknowledgments
  6. Author
  7. Contributor
  8. Technical Editor
  9. Chapter 1: Managing Users
    1. Introduction
    2. Establishing User Credentials
    3. Managing Passwords
    4. Resetting Lost or Forgotten Passwords
    5. Empowering Users
    6. Coding Standards Fast Track
    7. Code Audit Fast Track
  10. Chapter 2: Authenticating and Authorizing Users
    1. Introduction
    2. Authenticating Users
    3. Authorizing Users
    4. Coding Standards Fast Track
    5. Code Audit Fast Track
  11. Chapter 3: Managing Sessions
    1. Introduction
    2. Maintaining State
    3. Using ASP.NET Tokens
    4. Enhancing ASP.NET State Management
    5. Coding Standards Fast Track
    6. Code Audit Fast Track
  12. Chapter 4: Encrypting Private Data
    1. Introduction
    2. Using Cryptography in ASP.NET
    3. Working with .NET Encryption Features
    4. Protecting Communications with SSL
    5. Coding Standards Fast Track
    6. Code Audit Fast Track
  13. Chapter 5: Filtering User Input
    1. Introduction
    2. Handling Malicious Input
    3. Constraining Input
    4. Limiting Exposure to Malicious Input
    5. Coding Standards Fast Track
    6. Code Audit Fast Track
  14. Chapter 6: Accessing Data
    1. Introduction
    2. Securing Databases
    3. Writing Secure Data Access Code
    4. Coding Standards Fast Track
    5. Code Audit Fast Track
  15. Chapter 7: Developing Secure ASP.NET Applications
    1. Introduction
    2. Writing Secure HTML
    3. Handling Exceptions
    4. Coding Standards Fast Track
    5. Code Audit Fast Track
  16. Chapter 8: Securing XML
    1. Introduction
    2. Applying XML Encryption
    3. Applying XML Digital Signatures
    4. Coding Standards Fast Track
    5. Coding Audit Fast Track
  17. Appendix A: Understanding .NET Security
  18. Appendix B: Glossary of Web Application Security Threats
  19. Index