ASP.NET Resources
	Tutorials & HOW TOs
	ASP.NET Feeds
	Articles
	Blogs - ASP.NET Team
	Blogs - Others
	Conferences & Events
	Forums
	Microsoft KB Articles
	ASP.NET Store
	Books (including reviews)
	Software
	Videos
	ASP.NET Directory
	Applications
	Articles & Samples
	Components & Controls
	Developer Sites
	Hosting Services
Post your ASP Questions here! ASP.NET Hosting .Net software programmers
	.NET Downloads
	.NET Framework 3.5
	.NET Framework 3.0
	.NET Framework 2.0
	Visual Studio 2008
	Visual Web Dev 2008 Express
	Visual Web Dev 2005 Express
	ASP.NET Web Matrix

Store See larger picture Hacking the Code: ASP.NET Web Application Security by Mark Burnett - Syngress List Price: $49.95 Price at Amazon.com: $48.95 (Save 2%) Availability: Usually ships in 24 hours Shipping rates and policies Average Customer Review: Based on 10 reviews. Amazon.com Sales Rank: 411139 Product Description More of a programmer's guide than a security guide, Hacking the Code explains how certain code can be attacked, shows how you should edit the code, and offers case studies and examples for doing so. The book establishes policies for object input, and shows how to audit existing code for potential security problems. People constantly ask security expert Mark Burnett for a guide to writing secure code. They don't want a course on security, they want to fix their code. This book is a practical guide on how to maintain session state, how to properly handle cookies, how to get user input, and more. Instead of just telling you how to do it, Burnett shows actual code that can be dropped right into your applications. This book covers almost all security issues known. Burnett has put hundreds of hours of research into his code audit database and is now making that available to you. Featured Customer Reviews Definitely a worthy book for developers and security pros alike, September 03, 2008 Hacking the Code is a must read if you want to pick apart .NET Web applications in the name of better security. More people in development and IT need to read books like this. I like how it focuses on ASP.NET - the language that a large portion of Web applications are developed in today. The book covers the important areas of securing applications and shows some good examples. Appendix A also has some good ASP.NET code samples for real-world concerns. I especially like the coverage on authentication mechanisms which is something that's often taken for granted by developers but where I tend to find a lot of the weaknesses in the work I do. Plus it doesn't just focus on the technical side of things with the coverage of users awareness and policies. Overall, very good at covering the root of many of our security problems. Spot on, February 06, 2008 In my never ending attempt to educate myself on web application security I thought it would be a great idea to look at this from the developer perspective. This text is a great piece on the ASP.NET side of development and security. It does a great job of showing what the developer may normally code and why that is NOT security oriented. It is a great tool for bridging the gap between security team and developer team so that you can speak intelligently on both even though you are NOT a developer or security professional. If you have an ASP.NET dev shop in your environment you should have someone if not everyone from your dev and security teams read this book to facilitate a more open line of commination between the two. Highly recommended. Great book, September 08, 2006 english is not my native language but this book has a clear language that is easy to understant and examples are very good. Writer tells many experiences that he faced at past about security, it's vulnarables and precautions. I highly recommend this book. Secure Coding 101, September 01, 2005 Personally I work as a penetration tester, so Hacking the Code was right up my alley. I read the book over the course of a day, stuck at an airport. (...)Mark has a certain way of showing information to the reader in a very clear and thought-out manor. Content of the book may be of highly technical nature but it is very easy to read (a rare mix). By the end of the book I felt like I knew everything about ASP, its amazing how much there really is to know. If you work in the security industry then this book is a must, however, if you are a developer, webmaster or even someone curious about code security, READ IT. Highly recommend very unprofessional, June 09, 2005 The authors can't connect two words together. Don't waste money on this book. You might also be interested in these items... Improving Web Application Security: Threats and Countermeasures Developing More-Secure Microsoft® ASP.NET 2.0 Applications (Pro Developer) The Web Application Hacker's Handbook: Discovering and Exploiting Security Flaws Building Secure Microsoft ASP.NET Applications (Pro-Developer) How to Break Web Software: Functional and Security Testing of Web Applications and Web Services. Book & CD