Liknande böcker

Paper Prototyping
Bok av Carolyn Snyder
Learn Git in a Month of Lunches
Bok av Rick Umali
Firewall Policies and VPN Configurations
Bok av Syngress
Practical Cryptography
Bok av Niels Ferguson
Introduction to Systems Analysis and Design 6th Edition
Bok av John W. Satzinger
Designing The iPhone User Expericence: A User-Centered Approach To Sketc...
Bok av Suzanne Ginsburg
Exploiting Software
Bok av Greg Hoglund
Designing the Search Experience: The Information Architecture of Discovery
Bok av Tony Russell-Rose. Tyler Tate.

How to Break Web Software: Functional & Security Testing of Web Applications and Web Services Book/CD Package

Bok av Mike Andrews
"The techniques in this book are not an option for testersthey are mandatory and these are the guys to tell you how to apply them!" HarryRobinson, Google.   Rigorously test and improve the security of all your Web software!   Its as certain as death and taxes: hackers will mercilessly attack your Web sites, applications, and services. If youre vulnerable, youd better discover these attacks yourself, before the black hats do. Now, theres a definitive, hands-on guide to security-testing any Web-based software: How to Break Web Software.   In this book, two renowned experts address every category of Web software exploit: attacks on clients, servers, state, user inputs, and more. Youll master powerful attack tools and techniques as you uncover dozens of crucial, widely exploited flaws in Web architecture and coding. The authors reveal where to look for potential threats and attack vectors, how to rigorously test for each of them, and how to mitigate the problems you find. Coverage includes      Client vulnerabilities, including attacks on client-side validation    State-based attacks: hidden fields, CGI parameters, cookie poisoning, URL jumping, and session hijacking    Attacks on user-supplied inputs: cross-site scripting, SQL injection, and directory traversal    Language- and technology-based attacks: buffer overflows, canonicalization, and NULL string attacks    Server attacks: SQL Injection with stored procedures, command injection, and server fingerprinting    Cryptography, privacy, and attacks on Web services   Your Web software is mission-criticalit cant be compromised. Whether youre a developer, tester, QA specialist, or IT manager, this book will help you protect that softwaresystematically.   Companion CD contains full source code for one testing tool you can modify and extend, free Web security testing tools, and complete code from a flawed Web site designed to give you hands-on practice in identifying security holes.