Web Security Testing Cookbook - Brian Hope

Web Security Testing Cookbook

(Autor)

Buch | Softcover
314 Seiten
2008
O'Reilly Media (Verlag)
978-0-596-51483-9 (ISBN)
35,90 inkl. MwSt
Offers developers and testers the tools they need to make security testing a regular part of their development lifecycle. This practical book helps to find recipes related to manual, exploratory testing as well as recipes for automated security testing that you can make part of your regression cycle. It focuses on how to test web applications.
Among the tests you perform on web applications, security testing is perhaps the most important, yet it's often the most neglected. The recipes in the Web Security Testing Cookbook demonstrate how developers and testers can check for the most common web security issues, while conducting unit tests, regression tests, or exploratory tests. Unlike ad hoc security assessments, these recipes are repeatable, concise, and systematic-perfect for integrating into your regular test suite. Recipes cover the basics from observing messages between clients and servers to multi-phase tests that script the login and execution of web application features. By the end of the book, you'll be able to build tests pinpointed at Ajax functions, as well as large multi-step tests for the usual suspects: cross-site scripting and injection attacks.
This book helps you: * Obtain, install, and configure useful-and free-security testing tools * Understand how your application communicates with users, so you can better simulate attacks in your tests * Choose from many different methods that simulate common attacks such as SQL injection, cross-site scripting, and manipulating hidden form fields * Make your tests repeatable by using the scripts and examples in the recipes as starting points for automated tests Don't live in dread of the midnight phone call telling you that your site has been hacked. With Web Security Testing Cookbook and the free tools used in the book's examples, you can incorporate security coverage into your test suite, and sleep in peace.

Paco Hope is a Consultant with Cigital. His areas of expertise include PKI, cryptography, LAN networking and host security. Before joining Cigital, he served as director of product development for Charlottesville, VA-based Tovaris, Inc. and head systems administrator in the Department of Computer Science at the University of Virginia. Paco has published articles on X.509 revocation and Unix host security features.Ben Walther is a consultant at Cigital and contributor to the Edit Cookies tool. He has a hand in both normal Quality Assurance and Software Security. Day to day, he designs and executes tests - and so he understands the need for simple recipes, in the hectic QA world. Yet he has also given talks on web ap-plication testing tools to members of the Open Web Application Security Pro-ject (OWASP). Through Cigital, he tests systems ranging from financial data processing to slot machines. Mr. Walther has a B.S. in Information Science from Cornell University.

Erscheint lt. Verlag 25.11.2008
Reihe/Serie Cookbook Ser.
Verlagsort Sebastopol
Sprache englisch
Einbandart Paperback
Themenwelt Informatik Netzwerke Sicherheit / Firewall
Informatik Theorie / Studium Kryptologie
Mathematik / Informatik Informatik Web / Internet
Wirtschaft Betriebswirtschaft / Management Wirtschaftsinformatik
ISBN-10 0-596-51483-2 / 0596514832
ISBN-13 978-0-596-51483-9 / 9780596514839
Zustand Neuware
Haben Sie eine Frage zum Produkt?
Mehr entdecken
aus dem Bereich
Das Lehrbuch für Konzepte, Prinzipien, Mechanismen, Architekturen und …

von Norbert Pohlmann

Buch | Softcover (2022)
Springer Vieweg (Verlag)
34,99
Management der Informationssicherheit und Vorbereitung auf die …

von Michael Brenner; Nils gentschen Felde; Wolfgang Hommel

Buch (2024)
Carl Hanser (Verlag)
69,99

von Chaos Computer Club

Buch | Softcover (2024)
KATAPULT Verlag
28,00