How to Break Web Software

Functional and Security Testing of Web Applications and Web Services

Nonfiction, Computers, Networking & Communications, Computer Security, Operating Systems, Application Software
Cover of the book How to Break Web Software by Mike Andrews, James A. Whittaker, Pearson Education
View on Amazon View on AbeBooks View on Kobo View on B.Depository View on eBay View on Walmart
Author: Mike Andrews, James A. Whittaker ISBN: 9780321657510
Publisher: Pearson Education Publication: February 2, 2006
Imprint: Addison-Wesley Professional Language: English
Author: Mike Andrews, James A. Whittaker
ISBN: 9780321657510
Publisher: Pearson Education
Publication: February 2, 2006
Imprint: Addison-Wesley Professional
Language: English

"The techniques in this book are not an option for testers—they are mandatory and these are the guys to tell you how to apply them!"
—HarryRobinson, Google.

 

Rigorously test and improve the security of all your Web software!

 

It’s as certain as death and taxes: hackers will mercilessly attack your Web sites, applications, and services. If you’re vulnerable, you’d better discover these attacks yourself, before the black hats do. Now, there’s a definitive, hands-on guide to security-testing any Web-based software: How to Break Web Software.

 

In this book, two renowned experts address every category of Web software exploit: attacks on clients, servers, state, user inputs, and more. You’ll master powerful attack tools and techniques as you uncover dozens of crucial, widely exploited flaws in Web architecture and coding. The authors reveal where to look for potential threats and attack vectors, how to rigorously test for each of them, and how to mitigate the problems you find. Coverage includes

 

·   Client vulnerabilities, including attacks on client-side validation

·   State-based attacks: hidden fields, CGI parameters, cookie poisoning, URL jumping, and session hijacking

·   Attacks on user-supplied inputs: cross-site scripting, SQL injection, and directory traversal

·   Language- and technology-based attacks: buffer overflows, canonicalization, and NULL string attacks

·   Server attacks: SQL Injection with stored procedures, command injection, and server fingerprinting

·   Cryptography, privacy, and attacks on Web services

 

Your Web software is mission-critical—it can’t be compromised. Whether you’re a developer, tester, QA specialist, or IT manager, this book will help you protect that software—systematically.

View on Amazon View on AbeBooks View on Kobo View on B.Depository View on eBay View on Walmart

"The techniques in this book are not an option for testers—they are mandatory and these are the guys to tell you how to apply them!"
—HarryRobinson, Google.

 

Rigorously test and improve the security of all your Web software!

 

It’s as certain as death and taxes: hackers will mercilessly attack your Web sites, applications, and services. If you’re vulnerable, you’d better discover these attacks yourself, before the black hats do. Now, there’s a definitive, hands-on guide to security-testing any Web-based software: How to Break Web Software.

 

In this book, two renowned experts address every category of Web software exploit: attacks on clients, servers, state, user inputs, and more. You’ll master powerful attack tools and techniques as you uncover dozens of crucial, widely exploited flaws in Web architecture and coding. The authors reveal where to look for potential threats and attack vectors, how to rigorously test for each of them, and how to mitigate the problems you find. Coverage includes

 

·   Client vulnerabilities, including attacks on client-side validation

·   State-based attacks: hidden fields, CGI parameters, cookie poisoning, URL jumping, and session hijacking

·   Attacks on user-supplied inputs: cross-site scripting, SQL injection, and directory traversal

·   Language- and technology-based attacks: buffer overflows, canonicalization, and NULL string attacks

·   Server attacks: SQL Injection with stored procedures, command injection, and server fingerprinting

·   Cryptography, privacy, and attacks on Web services

 

Your Web software is mission-critical—it can’t be compromised. Whether you’re a developer, tester, QA specialist, or IT manager, this book will help you protect that software—systematically.

More books from Pearson Education

Cover of the book Nuke 101 by Mike Andrews, James A. Whittaker
Cover of the book Introduction to Game Design, Prototyping, and Development by Mike Andrews, James A. Whittaker
Cover of the book iPhoto 08 for Mac OS X by Mike Andrews, James A. Whittaker
Cover of the book Design with Adobe Creative Cloud Classroom in a Book by Mike Andrews, James A. Whittaker
Cover of the book iPad and iPad mini Absolute Beginner's Guide by Mike Andrews, James A. Whittaker
Cover of the book Let Go To Grow by Mike Andrews, James A. Whittaker
Cover of the book PKI Uncovered by Mike Andrews, James A. Whittaker
Cover of the book Cisco ASA, PIX, and FWSM Firewall Handbook by Mike Andrews, James A. Whittaker
Cover of the book Economics Demystified by Mike Andrews, James A. Whittaker
Cover of the book PHP and MySQL for Dynamic Web Sites by Mike Andrews, James A. Whittaker
Cover of the book The Art of Network Architecture by Mike Andrews, James A. Whittaker
Cover of the book The Rules of Work by Mike Andrews, James A. Whittaker
Cover of the book The Adobe Photoshop Lightroom Classic CC Book by Mike Andrews, James A. Whittaker
Cover of the book Software Pipelines and SOA by Mike Andrews, James A. Whittaker
Cover of the book Easystart: Between Two Worlds by Mike Andrews, James A. Whittaker
We use our own "cookies" and third party cookies to improve services and to see statistical information. By using this website, you agree to our Privacy Policy