How to Break Web Software

Functional and Security Testing of Web Applications and Web Services

Nonfiction, Computers, Networking & Communications, Computer Security, Operating Systems, Application Software
Cover of the book How to Break Web Software by Mike Andrews, James A. Whittaker, Pearson Education
View on Amazon View on AbeBooks View on Kobo View on B.Depository View on eBay View on Walmart
Author: Mike Andrews, James A. Whittaker ISBN: 9780321657510
Publisher: Pearson Education Publication: February 2, 2006
Imprint: Addison-Wesley Professional Language: English
Author: Mike Andrews, James A. Whittaker
ISBN: 9780321657510
Publisher: Pearson Education
Publication: February 2, 2006
Imprint: Addison-Wesley Professional
Language: English

"The techniques in this book are not an option for testers—they are mandatory and these are the guys to tell you how to apply them!"
—HarryRobinson, Google.

 

Rigorously test and improve the security of all your Web software!

 

It’s as certain as death and taxes: hackers will mercilessly attack your Web sites, applications, and services. If you’re vulnerable, you’d better discover these attacks yourself, before the black hats do. Now, there’s a definitive, hands-on guide to security-testing any Web-based software: How to Break Web Software.

 

In this book, two renowned experts address every category of Web software exploit: attacks on clients, servers, state, user inputs, and more. You’ll master powerful attack tools and techniques as you uncover dozens of crucial, widely exploited flaws in Web architecture and coding. The authors reveal where to look for potential threats and attack vectors, how to rigorously test for each of them, and how to mitigate the problems you find. Coverage includes

 

·   Client vulnerabilities, including attacks on client-side validation

·   State-based attacks: hidden fields, CGI parameters, cookie poisoning, URL jumping, and session hijacking

·   Attacks on user-supplied inputs: cross-site scripting, SQL injection, and directory traversal

·   Language- and technology-based attacks: buffer overflows, canonicalization, and NULL string attacks

·   Server attacks: SQL Injection with stored procedures, command injection, and server fingerprinting

·   Cryptography, privacy, and attacks on Web services

 

Your Web software is mission-critical—it can’t be compromised. Whether you’re a developer, tester, QA specialist, or IT manager, this book will help you protect that software—systematically.

View on Amazon View on AbeBooks View on Kobo View on B.Depository View on eBay View on Walmart

"The techniques in this book are not an option for testers—they are mandatory and these are the guys to tell you how to apply them!"
—HarryRobinson, Google.

 

Rigorously test and improve the security of all your Web software!

 

It’s as certain as death and taxes: hackers will mercilessly attack your Web sites, applications, and services. If you’re vulnerable, you’d better discover these attacks yourself, before the black hats do. Now, there’s a definitive, hands-on guide to security-testing any Web-based software: How to Break Web Software.

 

In this book, two renowned experts address every category of Web software exploit: attacks on clients, servers, state, user inputs, and more. You’ll master powerful attack tools and techniques as you uncover dozens of crucial, widely exploited flaws in Web architecture and coding. The authors reveal where to look for potential threats and attack vectors, how to rigorously test for each of them, and how to mitigate the problems you find. Coverage includes

 

·   Client vulnerabilities, including attacks on client-side validation

·   State-based attacks: hidden fields, CGI parameters, cookie poisoning, URL jumping, and session hijacking

·   Attacks on user-supplied inputs: cross-site scripting, SQL injection, and directory traversal

·   Language- and technology-based attacks: buffer overflows, canonicalization, and NULL string attacks

·   Server attacks: SQL Injection with stored procedures, command injection, and server fingerprinting

·   Cryptography, privacy, and attacks on Web services

 

Your Web software is mission-critical—it can’t be compromised. Whether you’re a developer, tester, QA specialist, or IT manager, this book will help you protect that software—systematically.

More books from Pearson Education

Cover of the book The Truth About Negotiating with Someone You Hate...or Love by Mike Andrews, James A. Whittaker
Cover of the book Customer Service Supply Chain Management by Mike Andrews, James A. Whittaker
Cover of the book Project Management for Mere Mortals by Mike Andrews, James A. Whittaker
Cover of the book Microsoft System Center Building a Virtualized Network Solution by Mike Andrews, James A. Whittaker
Cover of the book My iPhone by Mike Andrews, James A. Whittaker
Cover of the book CCENT ICND1 100-105 Exam Cram by Mike Andrews, James A. Whittaker
Cover of the book Key Business Analytics by Mike Andrews, James A. Whittaker
Cover of the book York Notes Companions: Shakespeare and Renaissance Drama by Mike Andrews, James A. Whittaker
Cover of the book Smart Retail by Mike Andrews, James A. Whittaker
Cover of the book Domain-Specific Development with Visual Studio DSL Tools by Mike Andrews, James A. Whittaker
Cover of the book Managing Software Debt by Mike Andrews, James A. Whittaker
Cover of the book Apple Watch and iPhone Fitness Tips and Tricks (includes Content Update Program) by Mike Andrews, James A. Whittaker
Cover of the book Light Right by Mike Andrews, James A. Whittaker
Cover of the book Windows Phone 8 Unleashed by Mike Andrews, James A. Whittaker
Cover of the book Office 2016 In Depth (includes Content Update Program) by Mike Andrews, James A. Whittaker
We use our own "cookies" and third party cookies to improve services and to see statistical information. By using this website, you agree to our Privacy Policy