More of a programmer"s guide than a security guide, Hacking the Code explains how certain code can be attacked, shows how you should edit the code, and offers case studies and examples for doing so. The book establishes policies for object input, and shows how to audit existing code for potential security problems.
People constantly ask security expert Mark Burnett for a guide to writing secure code. They don"t want a course on security, they want to fix their code. This book is a practical guide on how to maintain session state, how to properly handle cookies, how to get user input, and more. Instead of just telling you how to do it, Burnett shows actual code that can be dropped right into your applications. This book covers almost all security issues known. Burnett has put hundreds of hours of research into his code audit database and is now making that available to you. Это и многое другое вы найдете в книге Hacking the Code: Auditor's Guide to Writing Secure Code for the Web (Mark Burnett)