Web Security Testing Cookbook: Systematic Techniques To Find Problems Fast
by Paco Hope /
2008 / English / PDF
6.5 MB Download
Among the tests you perform on web applications, security
testing is perhaps the most important, yet it's often the most
neglected. The recipes in the
Among the tests you perform on web applications, security
testing is perhaps the most important, yet it's often the most
neglected. The recipes in theWeb Security Testing
Cookbook
Web Security Testing
Cookbook demonstrate how developers and testers can check
for the most common web security issues, while conducting unit
tests, regression tests, or exploratory tests. Unlike ad hoc
security assessments, these recipes are repeatable, concise,
and systematic-perfect for integrating into your regular test
suite.
demonstrate how developers and testers can check
for the most common web security issues, while conducting unit
tests, regression tests, or exploratory tests. Unlike ad hoc
security assessments, these recipes are repeatable, concise,
and systematic-perfect for integrating into your regular test
suite.
Recipes cover the basics from observing messages between
clients and servers to multi-phase tests that script the login
and execution of web application features. By the end of the
book, you'll be able to build tests pinpointed at Ajax
functions, as well as large multi-step tests for the usual
suspects: cross-site scripting and injection attacks. This book
helps you:
Recipes cover the basics from observing messages between
clients and servers to multi-phase tests that script the login
and execution of web application features. By the end of the
book, you'll be able to build tests pinpointed at Ajax
functions, as well as large multi-step tests for the usual
suspects: cross-site scripting and injection attacks. This book
helps you:Obtain, install, and configure useful-and free-security
testing tools
Obtain, install, and configure useful-and free-security
testing toolsUnderstand how your application communicates with users, so
you can better simulate attacks in your tests
Understand how your application communicates with users, so
you can better simulate attacks in your testsChoose from many different methods that simulate common
attacks such as SQL injection, cross-site scripting, and
manipulating hidden form fields
Choose from many different methods that simulate common
attacks such as SQL injection, cross-site scripting, and
manipulating hidden form fieldsMake your tests repeatable by using the scripts and
examples in the recipes as starting points for automated tests
Make your tests repeatable by using the scripts and
examples in the recipes as starting points for automated tests
Don't live in dread of the midnight phone call telling you that
your site has been hacked. With
Don't live in dread of the midnight phone call telling you that
your site has been hacked. WithWeb Security Testing
Cookbook
Web Security Testing
Cookbook and the free tools used in the book's examples,
you can incorporate security coverage into your test suite, and
sleep in peace.
and the free tools used in the book's examples,
you can incorporate security coverage into your test suite, and
sleep in peace.