Web Application Defender's Cookbook: Battling Hackers and Protecting Users

Front Cover
John Wiley & Sons, Jan 4, 2013 - Computers - 560 pages

Defending your web applications against hackers and attackers

The top-selling book Web Application Hacker's Handbook showed how attackers and hackers identify and attack vulnerable live web applications. This new Web Application Defender's Cookbook is the perfect counterpoint to that book: it shows you how to defend. Authored by a highly credentialed defensive security expert, this new book details defensive security methods and can be used as courseware for training network security personnel, web server administrators, and security consultants.

Each "recipe" shows you a way to detect and defend against malicious behavior and provides working code examples for the ModSecurity web application firewall module. Topics include identifying vulnerabilities, setting hacker traps, defending different access points, enforcing application flows, and much more.

  • Provides practical tactics for detecting web attacks and malicious behavior and defending against them
  • Written by a preeminent authority on web application firewall technology and web application defense tactics
  • Offers a series of "recipes" that include working code examples for the open-source ModSecurity web application firewall module

Find the tools, techniques, and expert information you need to detect and respond to web application attacks with Web Application Defender's Cookbook: Battling Hackers and Protecting Users.


What people are saying - Write a review

We haven't found any reviews in the usual places.


Installing the OWASP ModSecurity Core Rule Set CRS
Using the ModSecurity AuditConsole Chapter 2 Vulnerability Identification and Remediation Internally Developed Applications Externally Develope...
Reputation andThirdParty Correlation
Request Data Analysis
Defending Authentication Recipe 71Detecting theSubmission of CommonDefault Usernames
Passive Response Actions
Active Response Actions
Intrusive Response Actions Recipe 151 JavaScript CookieTesting Recipe 152 Validating Userswith CAPTCHA Testing Recipe 153 Hooking Maliciou...
Defending SessionState

Other editions - View all

Common terms and phrases

About the author (2013)

RYAN BARNETT is a Lead Security Researcher in Trustwave's SpiderLabs Team, an advanced security team focused on penetration testing, incident response, and application security. He is the ModSecurity web application firewall project lead, a SANS Institute certified instructor, and a frequent speaker at industry conferences.

Bibliographic information