The Register


 Web Security Testing Cookbook

 

Published by: O'REILLY & ASSOCIATES
Author: Paco Hope, Ben Walther
Number of pages: 288
Group: SECURITY - NETWORKS
ISBN: 0596514832/9780596514839
User level: Intermediate/Advanced
Objective: Reference
Date Published: October 2008
 RRP £24.99 Save 29%
  Our Price £17.74

Not Yet Published


  Book Information

Millions of dollars are spent every year developing,
testing, defending, and fixing web applications -- and,
ultimately, web developers are blamed when something goes
wrong. Web Security Testing Cookbook gives developers an
inexpensive way to include testing as part of the
development cycle. You'll find scores of recipes for testing
web applications, from relatively simple solutions to
complex ones that combine several solutions.

This practical book focuses on how to test web applications
-- not what web security consists of or why developers
should test. And, rather than IT security, the recipes
address application software exclusively -- source code,
business logic -- written, operated, and now tested by you.
Each recipe in the book states the problem to be solved, the
tools and techniques required, technical details involved,
and examples.

Web Security Testing Cookbook also leverages free tools, and
not only because they save you considerable expense. In
security, perhaps more than in any other specialized
discipline, the best tools tend to be free. The book offers
recipes in four different sections to help you:

- Learn basic concepts to develop tests, and obtain and set
  up the tools you'll use
- Automate tools and scripts to test a web application in a
  systematic way
- Learn methods to bypass client-side input validation for
  various purposes, such as SQL injection, cross-site
  scripting, and manipulating hidden form fields
- Focus on the session by finding identifiers, analyzing how
  predictable they are, and manipulating them with tools

By following the recipes in this book, you can be reasonably
sure that your application is not going to be one of the
thousands that hackers compromise every day. The recipes
don't take the place of real penetration testing, but they
will make sure your application is not a disaster waiting to
happen.

Take the time to include security testing in the development
cycle. Web Security Testing Cookbook will save you weeks of
headaches and tons of money down the road. Who knows? This
book might even save your job.