websecurity August 2007 archive

Re: [WEB SECURITY] Rough Cut of To-Be-Published Ajax Security

From: Dean H. Saxe <dean_at_nospam>
Date: Tue Aug 14 2007 - 13:26:52 GMT
To: WASC Forum <websecurity@webappsec.org>


Reading this thread I picked up a copy of the Securing AJAX Applications book by Christopher Wells. Too bad it only briefly touched on anything specific to AJAX. Honestly, this was the first O'Reilly book I have ever regretted purchasing, since it has very little useful information that is related directly to its title. If you want a high-level, generic view of web app security, this might fit the bill...

-dhs

Dean H. Saxe, CISSP, CEH
dean@fullfrontalnerdity.com
"To announce that there must be no criticism of the president, or that we are to stand by the president right or wrong, is not only unpatriotic and servile, but is morally treasonable to the American public."
- Theodore Roosevelt

On Aug 11, 2007, at 11:17 PM, Billy Hoffman wrote:

> Andre,
>
> I will be putting up the slides on SPI's website very soon (we are
> all a little busy with post black hat stuff and the HP merger).
> I'll forward the slides to you directly as well as a copy of the
> free chapter.
>
> Thanks for the interest, it's going to be an awesome book,
> Billy Hoffman
> --
> Lead Researcher, SPI Labs
> Phone: 678-781-4800
> Direct: 678-781-4845
>
> -----Original Message-----
> From: andreg@gmail.com on behalf of Andre Gironda
> Sent: Fri 8/10/2007 7:59 PM
> To: websecurity@webappsec.org
> Subject: [WEB SECURITY] Rough Cut of To-Be-Published Ajax Security
>
> When searching for "Securing Ajax Applications", I came across this
> link:
>
> http://money.cnn.com/news/newsfeeds/articles/prnewswire/CLM00730072007-1.htm
>
> What I was really looking for was this - http://isbn.nu/9780596529314
>
> But after reading both, I'm convinced that Christopher Wells, Billy
> Hoffman, and Bryan Sullivan really know their stuff and explain all of
> the concepts rather well.
>
> Did anyone get a free print copy of the sample chapter from "Ajax
> Security" after the `Premature Ajax-ulation' talk? I'd be interested
> to hear which chapter they included. I'm also having a hard time
> finding the slides for that presentation. Will someone please point
> me in the right direction?
>
> Cheers,
> dre