HACKING EXPOSED WEB APPLICATIONS, 3rd Edition

Hailstorm 3.0, 444-445

hashing algorithms, 133

headers, 5

Location, 75

helper files, 49-50

hidden form fields, 172, 173

hidden resources, 169

hijacked accounts, 193

HIP, 382-383

See also CAPTCHAs

horizontal privilege escalation, 186-191

HTML

comments, 52-53

examining source code, 35-36

file, path, and user disclosure, 312

injection, 220-224

source code strings, 53-54

and web clients, 78

HTTP

common response codes, 313

methods, headers and body, 46

unexpected methods, 30-31

HTTP headers, manual tampering attacks against, 172-175

HTTP proxies, 17-18

Burp Intruder, 21-22

Fiddler, 19-21

OWASP WebScarab, 18-19, 20

Paros Proxy, 18, 19

Watchfire PowerTools, 22-23

HTTP response splitting, 212-213

httprint tool, 32

See also fingerprinting

HTTP/S proxy, tools, 472

Human Interactive Proof (HIP), 382-383

See also CAPTCHAs
