Home | Amazing | Today | Tags | Publishers | Years | Account | Search 
Hunting Security Bugs

Hunting Security Bugs, 9780735621879 (073562187X), Microsoft Press, 2006

Your essential reference to software security testing—from the experts.

Learn how to think like an attacker—and identify potential security issues in your software. In this essential guide, security testing experts offer practical, hands-on guidance and code samples to help you find, classify, and assess security bugs before your software is released.

Discover how to:

  • Identify high-risk entry points and create test cases
  • Test clients and servers for malicious request/response bugs
  • Use black box and white box approaches to help reveal security vulnerabilities
  • Uncover spoofing issues, including identity and user interface spoofing
  • Detect bugs that can take advantage of your program’s logic, such as SQL injection
  • Test for XML, SOAP, and Web services vulnerabilities
  • Recognize information disclosure and weak permissions issues
  • Identify where attackers can directly manipulate memory
  • Test with alternate data representations to uncover canonicalization issues
  • Expose COM and ActiveX repurposing attacks

About the Authors

Tom Gallagher has been intrigued with both physical and computer security from a young age. In 1999, Tom graduated from Loyola University of New Orleans and was hired to work as a penetration tester for Microsoft SharePoint. Since then, he has continued to work on the security of different parts of Microsoft Office and is currently the lead of the Office Security Test team. This team is primarily focused on penetration testing, writing security testing tools, and educating program managers, developers, and testers about security issues.

Bryan Jeffries has been interested in computers for as long as he can remember. Upon graduating from North Carolina State University in 2001 with a BS degree in Computer Science, he left his home state of North Carolina to work for Microsoft Corporation in Redmond, Washington. He has been working as a software engineer in Microsoft SharePoint Products and Technologies for the past five years and is responsible for driving security testing across Microsoft Office Server System.

Lawrence Landauer's first interest in computers was as a hobby. After graduating from Montana State University in 1995 with a BS degree in Industrial and Management Engineering, he has since worked for Microsoft Corporation as a software engineer working on coding, testing, and training projects related to security, personal productivity, and deployment.

(HTML tags aren't allowed.)

ASP.NET Unleashed, Second Edition
ASP.NET Unleashed, Second Edition

The second edition of ASP.NET Unleashed further strengthens a book that is already one of the most highly regarded ASP.NET books available. Stephen covers virtually all relevant features of ASP.NET. In addition, all samples will now be presented in VB .NET and C#.

Managing Software Development with Trac and Subversion
Managing Software Development with Trac and Subversion
Software development - especially for small teams & projects - often ends up unmanaged and suffering from the ever present problem of feature creep. This book presents a simple set of processes and practices that allow you to manage these projects without getting in the way. This book looks at what is needed to manage software development...
Ethernet Networks: Design, Implementation, Operation,& Management
Ethernet Networks: Design, Implementation, Operation,& Management
Ethernet Networks, Fourth Edition, provides everything you need to know to plan, implement, manage and upgrade Ethernet networks.
  • Improve your skills in employing Ethernet hubs, switches, and routers.

  • Learn how to set up and operate a wireless Local Area Network (LAN).


Web Bloopers, First Edition : 60 Common Web Design Mistakes, and How to Avoid Them
Web Bloopers, First Edition : 60 Common Web Design Mistakes, and How to Avoid Them

Will your website pass the test? Or will site visitors be gnashing their teeth and shaking their fists? Will any customers ever come back to your site? Save yourself the embarrassment of being caught with your Web bloopers showing. Read this book and find out now if your website commits any heinous bloopers.

This book is not just about...

Kali Linux Network Scanning Cookbook
Kali Linux Network Scanning Cookbook

Over 90 hands-on recipes explaining how to leverage custom scripts and integrated tools in Kali Linux to effectively master network scanning

About This Book

  • Learn the fundamentals behind commonly used scanning techniques
  • Deploy powerful scanning tools that are integrated into the Kali...
Business Intelligence with MicroStrategy Cookbook
Business Intelligence with MicroStrategy Cookbook

Over 90 practical, hands-on recipes to help you build your MicroStrategy business intelligence project, including more than a 100 screencasts


  • Learn about every step of the BI project, starting from the installation of a sample database
  • Design web reports and documents
  • ...
©2019 LearnIT (support@pdfchm.net) - Privacy Policy