| | |  | Investigations | Home » » How to Break Web Software: Functional and Security Testing of Web Applications and Web Services. Book & CD | | | | | | | Description: | | Since its early days as an information exchange tool limited to academe, researchers, and the military, the web has grown into a commerce engine that is now omnipresent in all facets of our lifes. More websites are created daily and more applications are developed to allow users to learn, research, and purchase online. As a result, web development is often rushed, which increases the risk of attacks from hackers. Furthermore, the need for secure applications has to be balanced with the need for usability, performance, and reliability. In this book, Whittaker and Andrews demonstrate how rigorous web testing can help prevent and prepare for such attacks. They point out that methodical testing must include identifying threats and attack vectors to establish and then implement the appropriate testing techniques, manual or automated. | | | Features: | |
• ISBN13: 9780321369444
• Condition: New
• Notes: BUY WITH CONFIDENCE, Over one million books sold! 98% Positive feedback. Compare our books, prices and service to the competition. 100% Satisfaction Guaranteed
| | | Product Details: | | | Author:
| Mike Andrews | | Paperback:
| 240 pages | | Publisher:
| Addison-Wesley Professional | | Publication Date:
| February 12, 2006 | | Language:
| English | | ISBN:
| 0321369440 | | Package Length:
| 9.0 inches | | Package Width:
| 6.9 inches | | Package Height:
| 0.7 inches | | Package Weight:
| 1.1 pounds | | Average Customer Rating:
|  based on 12 reviews |
| | | | Customer Reviews: | |
Average Customer Review:
Write an online review and share your thoughts with other customers.
1 of 1 found the following review helpful:
 How to break web softwareDec 07, 2008
Very nice book, He covers topics that i never even thought of. Highly recommended
2 of 3 found the following review helpful:
Great advice for software developersJun 29, 2007
If your company has a web site, there are many people waiting to attack it and break into it.
In How to Break Web Software: Functional and Security Testing of Web Applications and Web Services, authors Mike Andrews and James Whittaker detail the myriad Web software exploits that attackers will attempt to carry out. The tools and techniques that can be used to fight against them are also detailed.
The book also includes a companion CD that contains all of the source code referenced in the book in addition to a number of testing tools. The authors include software code from an insecure Web site, which helps the reader get a real-world feel for the topics involved.
The authors conclude with a look at the last 50 years of software defects, showing that developers are not learning from the mistakes.
The authors are of the opinion that software quality is no better today than it was decades ago. And in some cases, it is worse.
The book helps drive home the importance of having developers think about writing secure code and testing it for flaws. It is a recommended read for IT professionals.
13 of 15 found the following review helpful:
 Short on content with too much paddingMay 17, 2007
I was disappointed in this book. The actual content was pretty thin, and not very well written. Chapter 1 is a complete waste of time, and actually spends pages explaining what client/server means, what the Web is, and other things that are patently obvious to the supposed audience for this material. I found myself turning to the front to see if this book was written in 1997! You then get nine fairly short chapters with instructions on how to hack a website, more or less; followed by 50 pages of useless padding in the appendices including: an unrelated article co-authored by Whittaker for the IEEE, a detailed list of all the bugs present in their "sample application," and then descriptions of their recommended tools, all of which can easily be found on the Web without paying $22 for this book.
As another reviewer mentioned, there are many typos and other problems like incorrect illustrations, making the reader wonder if Addison-Wesley even employs a copy editor. Furthermore, I felt this book was inaccurately named and described. It's really more about rudimentary hacking and protecting your web application against hackers than web quality or web testing. A beginning web developer might do well to read this as a primer on how to create sites and applications with basic security, but as an experienced tester it was of limited use to me.
2 of 4 found the following review helpful:
Wow!Apr 13, 2007
I've been programming for over 10 years and thought that I had encountered it all. Uh ya, I was wrong. I'm amazed that a person can work with something for so long and yet still miss simple things like URL jumping. This is a great 32,000 foot view of web security (not a how to hack book) and covers what you should know if you are a web developer. Even if you alredy "know it all" this is a great read and excellent reference for creating check lists on projects and threats they may be succeptable to.
0 of 15 found the following review helpful:
Fast international deliveryMar 15, 2007
It was a good experience to purchase from Amazon and getting them delivered in India at my door-step. Order reached me ontime and is in good condition.
Thanks,
Samta
| | |
|
