Hunting Security Bugs - Bryan Jeffries, Lawrence Landauer

Hunting Security Bugs

Buch | Softcover
592 Seiten
2006
Microsoft Press,U.S. (Verlag)
978-0-7356-2187-9 (ISBN)
46,95 inkl. MwSt
  • Titel ist leider vergriffen;
    keine Neuauflage
  • Artikel merken
"Finding Security Bugs" deals with computers/software.
Learn how to think like an attacker—and identify potential security issues in your software. In this essential guide, security testing experts offer practical, hands-on guidance and code samples to help you find, classify, and assess security bugs before your software is released.

Discover how to:





Identify high-risk entry points and create test cases
Test clients and servers for malicious request/response bugs
Use black box and white box approaches to help reveal security vulnerabilities
Uncover spoofing issues, including identity and user interface spoofing
Detect bugs that can take advantage of your program’s logic, such as SQL injection
Test for XML, SOAP, and Web services vulnerabilities
Recognize information disclosure and weak permissions issues
Identify where attackers can directly manipulate memory
Test with alternate data representations to uncover canonicalization issues
Expose COM and ActiveX repurposing attacks



PLUS—Get code samples and debugging tools on the Web

Bryan Jeffries is a software engineer responsible for driving security testing on Microsoft SharePoint Products and Technologies.

General approach to security testing Using threat models for security testing Finding entry points Becoming a malicious client Becoming a malicious server Spoofing Information disclosure Buffer overflows Format string attacks HTML scripting attacks XML issues Canonicalization issues Finding weak permissions Denial of service attacks Managed code issues Observation & reverse engineering ActiveX repurposing attacks Reporting security bugs

Erscheint lt. Verlag 30.8.2006
Reihe/Serie secure software Development Series
Verlagsort Redmond
Sprache englisch
Maße 187 x 229 mm
Gewicht 1000 g
Themenwelt Informatik Theorie / Studium Kryptologie
ISBN-10 0-7356-2187-X / 073562187X
ISBN-13 978-0-7356-2187-9 / 9780735621879
Zustand Neuware
Haben Sie eine Frage zum Produkt?
Mehr entdecken
aus dem Bereich