LEADER 05871oam 2200769 a 450 001 9910963663403321 005 20250219195550.0 010 $a9786613258212 010 $a9781283258210 010 $a1283258218 010 $a9781118175224 010 $a1118175220 035 $a(CKB)2550000000051735 035 $a(EBL)819008 035 $a(OCoLC)759159321 035 $a(SSID)ssj0000642778 035 $a(PQKBManifestationID)11372030 035 $a(PQKBTitleCode)TC0000642778 035 $a(PQKBWorkID)10649105 035 $a(PQKB)10498589 035 $a(Au-PeEL)EBL819008 035 $a(CaPaEBR)ebr10494632 035 $a(CaSebORM)9781118026472 035 $a(MiAaPQ)EBC819008 035 $a(OCoLC)786167000 035 $a(OCoLC)ocn786167000 035 $a(OCoLC)ocn786167000 035 $a(EXLCZ)992550000000051735 100 $a20110818d2011 uy 0 101 0 $aeng 135 $aurgn#---uuuuu 181 $ctxt$2rdacontent 182 $cc$2rdamedia 183 $acr$2rdacarrier 200 14$aThe web application hacker's handbook $efinding and exploiting security flaws /$fDafydd Stuttard, Marcus Pinto 205 $aSecond edition. 210 1$aIndianapolis, IN :$cJohn Wiley & Sons, Inc.,$d[2011]. 210 4$d©2011 215 $a1 online resource (xxxiii, 878 pages) $cillustrations 300 $aPrevious edition published as: The web application hacker's handbook : discovering and exploiting security flaws. 2008. 300 $aDescription based upon print version of record. 300 $aIncludes index. 
311 0 $a9781118026472 311 0 $a1118026470 327 $aThe Web Application Hacker's Handbook; Contents; Introduction; Chapter 1 Web Application (In)security; The Evolution of Web Applications; Common Web Application Functions; Benefits of Web Applications; Web Application Security; "This Site Is Secure"; The Core Security Problem: Users Can Submit Arbitrary Input; Key Problem Factors; The New Security Perimeter; The Future of Web Application Security; Summary; Chapter 2 Core Defense Mechanisms; Handling User Access; Authentication; Session Management; Access Control; Handling User Input; Varieties of Input; Approaches to Input Handling 327 $aBoundary Validation; Multistep Validation and Canonicalization; Handling Attackers; Handling Errors; Maintaining Audit Logs; Alerting Administrators; Reacting to Attacks; Managing the Application; Summary; Questions; Chapter 3 Web Application Technologies; The HTTP Protocol; HTTP Requests; HTTP Responses; HTTP Methods; URLs; REST; HTTP Headers; Cookies; Status Codes; HTTPS; HTTP Proxies; HTTP Authentication; Web Functionality; Server-Side Functionality; Client-Side Functionality; State and Sessions; Encoding Schemes; URL Encoding; Unicode Encoding; HTML Encoding; Base64 Encoding; Hex Encoding 327 $aRemoting and Serialization Frameworks; Next Steps; Questions; Chapter 4 Mapping the Application; Enumerating Content and Functionality; Web Spidering; User-Directed Spidering; Discovering Hidden Content; Application Pages Versus Functional Paths; Discovering Hidden Parameters; Analyzing the Application; Identifying Entry Points for User Input; Identifying Server-Side Technologies; Identifying Server-Side Functionality; Mapping the Attack Surface; Summary; Questions; Chapter 5 Bypassing Client-Side Controls; Transmitting Data Via the Client; Hidden Form Fields; HTTP Cookies; URL Parameters 327 $aThe Referer Header; Opaque Data; The ASP.NET ViewState; Capturing User Data: HTML Forms; Length Limits; Script-Based Validation; Disabled Elements; 
Capturing User Data: Browser Extensions; Common Browser Extension Technologies; Approaches to Browser Extensions; Intercepting Traffic from Browser Extensions; Decompiling Browser Extensions; Attaching a Debugger; Native Client Components; Handling Client-Side Data Securely; Transmitting Data Via the Client; Validating Client-Generated Data; Logging and Alerting; Summary; Questions; Chapter 6 Attacking Authentication; Authentication Technologies 327 $aDesign Flaws in Authentication Mechanisms; Bad Passwords; Brute-Forcible Login; Verbose Failure Messages; Vulnerable Transmission of Credentials; Password Change Functionality; Forgotten Password Functionality; "Remember Me" Functionality; User Impersonation Functionality; Incomplete Validation of Credentials; Nonunique Usernames; Predictable Usernames; Predictable Initial Passwords; Insecure Distribution of Credentials; Implementation Flaws in Authentication; Fail-Open Login Mechanisms; Defects in Multistage Login Mechanisms; Insecure Storage of Credentials; Securing Authentication 327 $aUse Strong Credentials 330 $aThe highly successful security book returns with a new edition, completely updated. Web applications are the front door to most organizations, exposing them to attacks that may disclose personal information, execute fraudulent transactions, or compromise ordinary users. This practical book has been completely updated and revised to discuss the latest step-by-step techniques for attacking and defending the range of ever-evolving web applications. You'll explore the various new technologies employed in web applications that have appeared since the first edition and review the new attack 517 3 $aFinding and exploiting security flaws 606 $aInternet$xSecurity measures 606 $aComputer security 615 0$aInternet$xSecurity measures. 615 0$aComputer security. 
676 $a004 676 $a005.8 700 $aStuttard$b Dafydd$f1972-$01789516 701 $aPinto$b Marcus$f1978-$01789517 801 0$bMiAaPQ 801 1$bMiAaPQ 801 2$bMiAaPQ 906 $aBOOK 912 $a9910963663403321 996 $aThe web application hacker's handbook$94325115 997 $aUNINA LEADER 05178nam 2200685Ia 450 001 9910973584603321 005 20200520144314.0 010 $a1-04-017070-6 010 $a0-429-14207-2 010 $a1-58488-918-7 024 7 $a10.1201/EBK1584889175 035 $a(CKB)2670000000033117 035 $a(EBL)555711 035 $a(OCoLC)652654235 035 $a(SSID)ssj0000414237 035 $a(PQKBManifestationID)11307058 035 $a(PQKBTitleCode)TC0000414237 035 $a(PQKBWorkID)10401383 035 $a(PQKB)10085636 035 $a(Au-PeEL)EBL555711 035 $a(CaPaEBR)ebr10405036 035 $a(CaONFJC)MIL694454 035 $a(OCoLC)632070587 035 $a(FINmELB)ELB166684 035 $a(MiAaPQ)EBC555711 035 $a(EXLCZ)992670000000033117 100 $a20100525d2011 uy 0 101 0 $aeng 135 $aur|n|---||||| 181 $ctxt 182 $cc 183 $acr 200 10$aClinical trial methodology /$fKarl E. Peace, Ding-Geng (Din) Chen 205 $a1st ed. 210 $aBoca Raton $cChapman and Hall/CRC Press$dc2011 215 $a1 online resource (422 p.) 225 1 $aChapman & Hall/CRC biostatistics series ;$v35 300 $aDescription based upon print version of record. 311 08$a1-322-63172-7 311 08$a1-58488-917-9 320 $aIncludes bibliographical references and index. 
327 $aFront cover; Contents; Preface; Chapter 1: Overview of Clinical Trial Methodology; Chapter 2: Overview of the Drug Development Process and Regulation of Clinical Trials; Chapter 3: Ethical Considerations in the Design and Conduct of Clinical Trials; Chapter 4: Sample Size Considerations in Clinical Trials Pre-Market Approval; Chapter 5: Sequential, Group Sequential, Stochastic Curtailment, and Adaptive Design Procedures in Clinical Trials; Chapter 6: Biostatistical Aspects of the Protocol; Chapter 7: The Statistical Analysis Plan; Chapter 8: Pooling of Data from Multicenter Clinical Trials 327 $aChapter 9: Validity of Statistical Inference; Chapter 10: Bioequivalence Clinical Trials; Chapter 11: Dose and Frequency Determination from Phase II Clinical Trials in Stress Test-Induced Angina; Chapter 12: Confirmation of Clinically Optimal Dosing in the Treatment of Duodenal Ulcers: A Phase III Dose Comparison Trial; Chapter 13: Pivotal Proof-of-Efficacy Clinical Trials in the Prevention of NANSAID-Induced Gastric Ulceration; Chapter 14: Clinical Trials in the Treatment of Alzheimer's Disease Based upon Enrichment Designs; Chapter 15: A Clinical Trial to Establish Reduction of CHD Risk 327 $aChapter 16: Pivotal Proof-of-Efficacy Clinical Trials in the Treatment of Panic Disorder; Chapter 17: Combination Clinical Trials; Chapter 18: Monitoring Clinical Trials for Adverse Events; Index; Back cover 330 $aNow viewed as its own scientific discipline, clinical trial methodology encompasses the methods required for the protection of participants in a clinical trial and the methods necessary to provide a valid inference about the objective of the trial. Drawing from the authors' courses on the subject as well as the first author's more than 30 years working in the pharmaceutical industry, Clinical Trial Methodology emphasizes the importance of statistical thinking in clinical research and presents the methodology as a key component of clinical research. 
From ethical issues and sample size considerations to adaptive design procedures and statistical analysis, the book first covers the methodology that spans every clinical trial regardless of the area of application. Crucial to the generic drug industry, bioequivalence clinical trials are then discussed. The authors describe a parallel bioequivalence clinical trial of six formulations incorporating group sequential procedures that permit sample size re-estimation. The final chapters incorporate real-world case studies of clinical trials from the authors' own experiences. These examples include a landmark Phase III clinical trial involving the treatment of duodenal ulcers and Phase III clinical trials that contributed to the first drug approved for the treatment of Alzheimer's disease. Aided by the U.S. FDA, the U.S. National Institutes of Health, the pharmaceutical industry, and academia, the area of clinical trial methodology has evolved over the last six decades into a scientific discipline. This guide explores the processes essential for developing and conducting a quality clinical trial protocol and providing quality data collection, biostatistical analyses, and a clinical study report, all while maintaining the highest standards of ethics and excellence--Provided by publisher. 410 0$aChapman & Hall/CRC biostatistics series ;$v35. 606 $aClinical trials 606 $aDrugs$xTesting 615 0$aClinical trials. 615 0$aDrugs$xTesting. 676 $a615.5072/4 700 $aPeace$b Karl E.$f1941-$01771589 701 $aChen$b Ding-Geng$0767993 801 0$bMiAaPQ 801 1$bMiAaPQ 801 2$bMiAaPQ 906 $aBOOK 912 $a9910963663403321 996 $aClinical trial methodology$94398136 997 $aUNINA