Home | Amazing | Today | Tags | Publishers | Years | Account | Search 
Web Security Testing Cookbook: Systematic Techniques to Find Problems Fast

Buy
Among the tests you perform on web applications, security testing is perhaps the most important, yet it's often the most neglected. The recipes in the Web Security Testing Cookbook demonstrate how developers and testers can check for the most common web security issues, while conducting unit tests, regression tests, or exploratory tests. Unlike ad hoc security assessments, these recipes are repeatable, concise, and systematic-perfect for integrating into your regular test suite. Recipes cover the basics from observing messages between clients and servers to multi-phase tests that script the login and execution of web application features. By the end of the book, you'll be able to build tests pinpointed at Ajax functions, as well as large multi-step tests for the usual suspects: cross-site scripting and injection attacks. This book helps you: Obtain, install, and configure useful-and free-security testing tools Understand how your application communicates with users, so you can better simulate attacks in your tests Choose from many different methods that simulate common attacks such as SQL injection, cross-site scripting, and manipulating hidden form fields Make your tests repeatable by using the scripts and examples in the recipes as starting points for automated tests

Don't live in dread of the midnight phone call telling you that your site has been hacked. With Web Security Testing Cookbook and the free tools used in the book's examples, you can incorporate security coverage into your test suite, and sleep in peace.

About the Author

Paco Hope is a Technical Manager at Cigital, Inc. and co-author of Mastering FreeBSD and OpenBSD Security (April 2005, O'Reilly, ISBN 0596006268). Mr. Hope has also published articles on Misuse and Abuse Cases and PKI. He has been invited to conferences to speak on topics such as software security re-quirements, web application security, and embedded system security. At Cigi-tal, he has served as a subject matter expert to MasterCard International for security policies and has assisted a Fortune 500 hospitality company in writ-ing software security policy. He also trains software developers and testers in the fundamentals of software security. In the gaming and mobile communica-tions industries he has advised several companies on software security. Mr. Hope majored in Computer Science and English at The College of William and Mary and received an M.S. in Computer Science from the University of Virginia.

Ben Walther is a consultant at Cigital and contributor to the Edit Cookies tool. He has a hand in both normal Quality Assurance and Software Security. Day to day, he designs and executes tests - and so he understands the need for simple recipes, in the hectic QA world. Yet he has also given talks on web ap-plication testing tools to members of the Open Web Application Security Pro-ject (OWASP). Through Cigital, he tests systems ranging from financial data processing to slot machines. Mr. Walther has a B.S. in Information Science from Cornell University.

(HTML tags aren't allowed.)

Marketing Fear in America's Public Schools: The Real War on Literacy
Marketing Fear in America's Public Schools: The Real War on Literacy
We begin and end this book with chapters on resistance to the agendas of the corporate and political right. In chapter two, Carole Edelsky provocatively outlines both the problem of and the resistance to the marketing of fear being perpetuated by the corporate and political right. She uncovers how teachers known for their critical, holistic...
Mastering R for Quantitative Finance
Mastering R for Quantitative Finance

Use R to optimize your trading strategy and build up your own risk management system

About This Book

  • Learn to manipulate, visualize, and analyze a wide range of financial data with the help of built-in functions and programming in R
  • Understand the concepts of financial engineering and...
Nonlinear Optics, Third Edition
Nonlinear Optics, Third Edition
Nonlinear optics is the study of the interaction of intense laser light with matter. The third edition of this textbook has been rewritten to conform to the standard SI system of units and includes comprehensively updated material on the latest developments in the field.

The book presents an introduction to the entire field of optical
...

Inside PC Card: Cardbus and Pcmcia Design (Edn Series for Design Engineers)
Inside PC Card: Cardbus and Pcmcia Design (Edn Series for Design Engineers)
PC Card (or PCMCIA) technology allows computers to interface with each other using less space than conventional interfaces. Currently, most applications are in the personal computing market, to enhance peripheral capabilities. As the industry changes, the applications will grow outside of the PC arena, into areas such as medical instrumentation and...
Chemosensitivity: Volume II: In Vivo Models, Imaging, and Molecular Regulators (Methods in Molecular Medicine)
Chemosensitivity: Volume II: In Vivo Models, Imaging, and Molecular Regulators (Methods in Molecular Medicine)

A state-of-the art collection of readily reproducible laboratory methods for assessing chemosensitivity in vitro and in vivo, and for assessing the parameters that modulate chemosensitivity in individual tumors. Chemosensitivity,Volume 2: In Vivo Models, Imaging, and Molecular Regulators contains cutting-edge protocols for classifying tumors...

Fuel Cell Engines
Fuel Cell Engines

The first fuel cell theory and application resource written for students and professionals.

With the field of fuel cells growing at a rapid pace, there is a powerful need for a single guide to the myriad disciplines related to the technology. Fuel Cell Engines provides a comprehensive and detailed introduction to the
...

©2019 LearnIT (support@pdfchm.net) - Privacy Policy