图书简介
The book will contain a number of sections addressing mobile application security issues on the Apple iOS, Google Android, Blackberry 10 and Windows Mobile platforms. In addition to this we propose to include sections on cross-platform Mobile Enterprise Application Platform Apps and a generic mobile application testing methodology. Insecure data storage - understanding the different types of client-side storage for each platform and how these can be identified. This will include source code demonstrating insecure implementations and case studies of real world Apps. Broken cryptography - understanding how poorly implemented cryptography can be defeated. This will include source code examples of insecure implementations. Insufficient transport layer protection - detailing how to identify insecure transport security and perform practical attacks against it. This will include practical examples on how to setup an environment for identifying such insecurities, insecure code examples and advice on implementing protection mechanisms. Data leakage - understanding the types of different unintentional data leakages that can arise on each of the different platforms, including caches, keystrokes, logging, images and browser data stores. Injection attacks - detailing the various injection attacks that can occur in mobile Apps, including but not limited to SQL injection, Cross-Site Scripting, XML injection and file inclusion vulnerabilities. This will include practical examples of how to perform these attacks, case studies of real world Apps and advice on remedial action. Bypassing security controls - detailing how to bypass various security controls such as but not limited to jailbreak/root detection, tamper detection, runtime protection and anti-debugging. Practical examples of how to develop extensions to perform these attacks, including detailed instructions on how to use existing tools. Cross Platform Apps - providing detailed information on how cross platform Apps work, the different attack categories that apply to these Apps and detailing practical steps to evaluate and exploit these vulnerabilities. This will include case studies from various MEAP applications and source code examples for various exploit payloads. Mobile App Testing Methodology - describing a detailed and proven methodology that introduces a thorough and comprehensive guide to assessing the security of mobile applications.
Trade Policy 买家须知
- 关于产品:
- ● 正版保障:本网站隶属于中国国际图书贸易集团公司,确保所有图书都是100%正版。
- ● 环保纸张:进口图书大多使用的都是环保轻型张,颜色偏黄,重量比较轻。
- ● 毛边版:即书翻页的地方,故意做成了参差不齐的样子,一般为精装版,更具收藏价值。
关于退换货:
- 由于预订产品的特殊性,采购订单正式发订后,买方不得无故取消全部或部分产品的订购。
- 由于进口图书的特殊性,发生以下情况的,请直接拒收货物,由快递返回:
- ● 外包装破损/发错货/少发货/图书外观破损/图书配件不全(例如:光盘等)
并请在工作日通过电话400-008-1110联系我们。
- 签收后,如发生以下情况,请在签收后的5个工作日内联系客服办理退换货:
- ● 缺页/错页/错印/脱线
关于发货时间:
- 一般情况下:
- ●【现货】 下单后48小时内由北京(库房)发出快递。
- ●【预订】【预售】下单后国外发货,到货时间预计5-8周左右,店铺默认中通快递,如需顺丰快递邮费到付。
- ● 需要开具发票的客户,发货时间可能在上述基础上再延后1-2个工作日(紧急发票需求,请联系010-68433105/3213);
- ● 如遇其他特殊原因,对发货时间有影响的,我们会第一时间在网站公告,敬请留意。
关于到货时间:
- 由于进口图书入境入库后,都是委托第三方快递发货,所以我们只能保证在规定时间内发出,但无法为您保证确切的到货时间。
- ● 主要城市一般2-4天
- ● 偏远地区一般4-7天
关于接听咨询电话的时间:
- 010-68433105/3213正常接听咨询电话的时间为:周一至周五上午8:30~下午5:00,周六、日及法定节假日休息,将无法接听来电,敬请谅解。
- 其它时间您也可以通过邮件联系我们:customer@readgo.cn,工作日会优先处理。
关于快递:
- ● 已付款订单:主要由中通、宅急送负责派送,订单进度查询请拨打010-68433105/3213。
本书暂无推荐
本书暂无推荐