How to Break Web Software

Functional and Security Testing of Web Applications and Web Services

Nonfiction, Computers, Networking & Communications, Computer Security, Operating Systems, Application Software
Cover of the book How to Break Web Software by Mike Andrews, James A. Whittaker, Pearson Education
View on Amazon View on AbeBooks View on Kobo View on B.Depository View on eBay View on Walmart
Author: Mike Andrews, James A. Whittaker ISBN: 9780321657510
Publisher: Pearson Education Publication: February 2, 2006
Imprint: Addison-Wesley Professional Language: English
Author: Mike Andrews, James A. Whittaker
ISBN: 9780321657510
Publisher: Pearson Education
Publication: February 2, 2006
Imprint: Addison-Wesley Professional
Language: English

"The techniques in this book are not an option for testers—they are mandatory and these are the guys to tell you how to apply them!"
—HarryRobinson, Google.

 

Rigorously test and improve the security of all your Web software!

 

It’s as certain as death and taxes: hackers will mercilessly attack your Web sites, applications, and services. If you’re vulnerable, you’d better discover these attacks yourself, before the black hats do. Now, there’s a definitive, hands-on guide to security-testing any Web-based software: How to Break Web Software.

 

In this book, two renowned experts address every category of Web software exploit: attacks on clients, servers, state, user inputs, and more. You’ll master powerful attack tools and techniques as you uncover dozens of crucial, widely exploited flaws in Web architecture and coding. The authors reveal where to look for potential threats and attack vectors, how to rigorously test for each of them, and how to mitigate the problems you find. Coverage includes

 

·   Client vulnerabilities, including attacks on client-side validation

·   State-based attacks: hidden fields, CGI parameters, cookie poisoning, URL jumping, and session hijacking

·   Attacks on user-supplied inputs: cross-site scripting, SQL injection, and directory traversal

·   Language- and technology-based attacks: buffer overflows, canonicalization, and NULL string attacks

·   Server attacks: SQL Injection with stored procedures, command injection, and server fingerprinting

·   Cryptography, privacy, and attacks on Web services

 

Your Web software is mission-critical—it can’t be compromised. Whether you’re a developer, tester, QA specialist, or IT manager, this book will help you protect that software—systematically.

View on Amazon View on AbeBooks View on Kobo View on B.Depository View on eBay View on Walmart

"The techniques in this book are not an option for testers—they are mandatory and these are the guys to tell you how to apply them!"
—HarryRobinson, Google.

 

Rigorously test and improve the security of all your Web software!

 

It’s as certain as death and taxes: hackers will mercilessly attack your Web sites, applications, and services. If you’re vulnerable, you’d better discover these attacks yourself, before the black hats do. Now, there’s a definitive, hands-on guide to security-testing any Web-based software: How to Break Web Software.

 

In this book, two renowned experts address every category of Web software exploit: attacks on clients, servers, state, user inputs, and more. You’ll master powerful attack tools and techniques as you uncover dozens of crucial, widely exploited flaws in Web architecture and coding. The authors reveal where to look for potential threats and attack vectors, how to rigorously test for each of them, and how to mitigate the problems you find. Coverage includes

 

·   Client vulnerabilities, including attacks on client-side validation

·   State-based attacks: hidden fields, CGI parameters, cookie poisoning, URL jumping, and session hijacking

·   Attacks on user-supplied inputs: cross-site scripting, SQL injection, and directory traversal

·   Language- and technology-based attacks: buffer overflows, canonicalization, and NULL string attacks

·   Server attacks: SQL Injection with stored procedures, command injection, and server fingerprinting

·   Cryptography, privacy, and attacks on Web services

 

Your Web software is mission-critical—it can’t be compromised. Whether you’re a developer, tester, QA specialist, or IT manager, this book will help you protect that software—systematically.

More books from Pearson Education

Cover of the book Reflections on Management by Mike Andrews, James A. Whittaker
Cover of the book Math for the Non-Math Lovers (Collection) by Mike Andrews, James A. Whittaker
Cover of the book My iPad for Kids (Covers iOS 6 on iPad 3rd or 4th generation, and iPad mini) by Mike Andrews, James A. Whittaker
Cover of the book BBC PORTUGUESE PHRASE BOOK & DICTIONARY by Mike Andrews, James A. Whittaker
Cover of the book Profiting with Synthetic Annuities by Mike Andrews, James A. Whittaker
Cover of the book Open Brand by Mike Andrews, James A. Whittaker
Cover of the book Microsoft Visual C# 2013 Step by Step by Mike Andrews, James A. Whittaker
Cover of the book Adobe Dreamweaver CS3 On Demand by Mike Andrews, James A. Whittaker
Cover of the book The Wisdom of Investing in ETFs by Mike Andrews, James A. Whittaker
Cover of the book Designing and Deploying 802.11 Wireless Networks by Mike Andrews, James A. Whittaker
Cover of the book New Brand Leadership by Mike Andrews, James A. Whittaker
Cover of the book Beginning Programming in 24 Hours, Sams Teach Yourself by Mike Andrews, James A. Whittaker
Cover of the book Agile Project Management with Kanban by Mike Andrews, James A. Whittaker
Cover of the book How to Get On with Anyone by Mike Andrews, James A. Whittaker
Cover of the book Cisco Voice over IP (CVOICE) (Authorized Self-Study Guide) by Mike Andrews, James A. Whittaker
We use our own "cookies" and third party cookies to improve services and to see statistical information. By using this website, you agree to our Privacy Policy