Hacking Exposed Web Applications, Third Edition — The Definitive Guide to Modern Web App Attacks & Defenses

Stay ahead of today’s most dangerous web-based threats with the fully updated third edition of Hacking Exposed Web Applications. Written by world‑renowned security experts, this authoritative guide reveals how modern attackers infiltrate web applications—and provides the proven countermeasures you need to defend them.

This edition dives into the newest exploitation methods affecting today’s most widely used platforms, browsers, and application frameworks. From understanding the hacker’s mindset to integrating strong security practices into the entire development lifecycle, this resource delivers the deep, practical insight essential for developers, analysts, and security engineers.

Inside you’ll learn how to:

• Analyze hacker reconnaissance using tools such as SHODAN, Maltego, OWASP DirBuster, and more

• Understand and counter exploitation of platforms like Sun Java System Web Server and Oracle WebLogic

• Strengthen authentication and authorization mechanisms against modern bypass techniques

• Detect and block session hijacking, data‑leakage attacks, and real‑world session manipulation

• Protect your apps from SQL injection, XSS, XSRF, XML injection, phishing, and other high‑impact attacks

• Harden ASP.NET, PHP, and J2EE application environments

• Safely deploy XML services, Web 2.0 features, social networking integrations, cloud components, and more

• Defend against RIA, Ajax, UGC, and browser‑side exploitation

• Implement scalable threat modeling, code review, fuzzing, app scanning, and end‑to‑end security testing

A must‑have resource for anyone responsible for developing, deploying, or protecting modern web applications.