Product Description
More of a programmer's guide than a security guide, Hacking the Code explains how certain code can be attacked, shows how you should edit the code, and offers case studies and examples for doing so. The book establishes policies for object input, and shows how to audit existing code for potential security problems.
People constantly ask security expert Mark Burnett for a guide to writing secure code. They don't want a course on security, they want to fix their code. This book is a practical guide on how to maintain session state, how to properly handle cookies, how to get user input, and more. Instead of just telling you how to do it, Burnett shows actual code that can be dropped right into your applications. This book covers almost all security issues known. Burnett has put hundreds of hours of research into his code audit database and is now making that available to you.
Customer Reviews
Rating: - Definitely a worthy book for developers and security pros alike
Hacking the Code is a must read if you want to pick apart .NET Web applications in the name of better security. More people in development and IT need to read books like this. I like how it focuses on ASP.NET - the language that a large portion of Web applications are developed in today. The book covers the important areas of securing applications and shows some good examples. Appendix A also has some good ASP.NET code samples for real-world concerns.
Rating: - Spot on
In my never ending attempt to educate myself on web application security I thought it would be a great idea to look at this from the developer perspective. This text is a great piece on the ASP.NET side of development and security. It does a great job of showing what the developer may normally code and why that is NOT security oriented. It is a great tool for bridging the gap between security team and developer team so that you can speak intelligently on both even though you are NOT a developer ...
Rating: - Great book
English is not my native language, but this book has clear language that is easy to understand, and the examples are very good. The writer tells of many experiences that he faced in the past about security, its vulnerabilities and precautions.
I highly recommend this book.
Rating: - Secure Coding 101
Personally I work as a penetration tester, so Hacking the Code was right up my alley. I read the book over the course of a day, stuck at an airport. (...) Mark has a certain way of showing information to the reader in a very clear and thought-out manner. Content of the book may be of highly technical nature but it is very easy to read (a rare mix). By the end of the book I felt like I knew everything about ASP, it's amazing how much there really is to know.
If you work in the security industry ...
Rating: - very unprofessional
The authors can't connect two words together. Don't waste money on this book.