How to Break Web Software: Functional and Security Testing of Web Applications and Web Services. Book & CD
Mike Andrews, James A. Whittaker
Addison-Wesley Professional, 2006 - 240 pages
average customer review: based on 11 reviews
highly recommended
Very informative. If you develop web software it's a must-read
I recently finished reading How to Break Web Software: Functional and Security Testing of Web Applications and Web Services by Mike Andrews and James A. Whittaker. I, like many of you, develop web software for a living. I've always taken security seriously and occasionally sneered when I ran across examples of common mistakes. Having said that, this book was an eye opener for me.
The book covers common exploits such as bypassing input validation, SQL injection, and denial of service. There were also several types of attacks I hadn't really considered before. I won't list them here because someone would undoubtedly say, "I can't believe he didn't know about that one!" The authors cover 24 different types of attacks in all. The book also includes coverage of web privacy issues and security related to web services.
Finally, as icing on the cake, a CD is included that contains many tools that will find permanent spots in your arsenal. There are tools to do things like scan web servers for common exploits, mirror sites for local analysis, and check SSL cipher strengths. My favorites are the local proxies that will allow you to view and modify posts as they travel from the client and the server. I always knew I could do this, but didn't know how easy it is. The CD also contains the source code of an example site that includes many flaws for you to practice.
This book is written for software professionals to help them put the hackers out of business. So, it necessarily includes hacker techniques. If you develop or test web software, you should read this book before the hackers do. :-)
Great advice for software developers
If your company has a web site, there are many people waiting to attack it and break into it.
In How to Break Web Software: Functional and Security Testing of Web Applications and Web Services, authors Mike Andrews and James Whittaker detail the myriad Web software exploits that attackers will attempt to carry out. The tools and techniques that can be used to fight against them are also detailed.
The book also includes a companion CD that contains all of the source code referenced in the book in addition to a number of testing tools. The authors include software code from an insecure Web site, which helps the reader get a real-world feel for the topics involved.
The authors conclude with a look at the last 50 years of software defects, showing that developers are not learning from the mistakes.
The authors are of the opinion that software quality is no better today than it was decades ago. And in some cases, it is worse.
The book helps drive home the importance of having developers think about writing secure code and testing it for flaws. It is a recommended read for IT professionals.
Wow!
I've been programming for over 10 years and thought that I had encountered it all. Uh ya, I was wrong. I'm amazed that a person can work with something for so long and yet still miss simple things like URL jumping. This is a great 32,000 foot view of web security (not a how to hack book) and covers what you should know if you are a web developer. Even if you already "know it all" this is a great read and excellent reference for creating check lists on projects and threats they may be susceptible to.
Fast international delivery
It was a good experience to purchase from Amazon and getting them delivered in India at my door-step. Order reached me on time and is in good condition.
Thanks,
Samta
recommendations
My favorite Computer Security and Penetration Testing Books
Jolt Award Book Finalists (17th Annual)
Global-Security-Engineering-Reading
Required reading for testers
Securing Web Applications