What do you think?
Rate this book
Web Security Testing Cookbook
Among the tests you perform on web applications, security testing is perhaps the most important, yet it's often the most neglected. The recipes in the Web Security Testing Cookbook demonstrate how developers and testers can check for the most common web security issues, while conducting unit tests, regression tests, or exploratory tests. Unlike ad hoc security assessments, these recipes are repeatable, concise, and systematic-perfect for integrating into your regular test suite.
Recipes cover the basics from observing messages between clients and servers to multi-phase tests that script the login and execution of web application features. By the end of the book, you'll be able to build tests pinpointed at Ajax functions, as well as large multi-step tests for the usual cross-site scripting and injection attacks. This book helps Don't live in dread of the midnight phone call telling you that your site has been hacked. With Web Security Testing Cookbook and the free tools used in the book's examples, you can incorporate security coverage into your test suite, and sleep in peace.
Recipes cover the basics from observing messages between clients and servers to multi-phase tests that script the login and execution of web application features. By the end of the book, you'll be able to build tests pinpointed at Ajax functions, as well as large multi-step tests for the usual cross-site scripting and injection attacks. This book helps Don't live in dread of the midnight phone call telling you that your site has been hacked. With Web Security Testing Cookbook and the free tools used in the book's examples, you can incorporate security coverage into your test suite, and sleep in peace.
312 pages, Paperback
First published January 1, 2008
5 people are currently reading
61 people want to read
About the author
Paco Hope
7 booksPaco Hope is a Principal Consultant with Cigital, Inc. and has 12 years of experience in the security of gaming systems (lottery systems, online gaming, casino gaming devices), web applications, operating systems, and embedded devices (e.g., mobile phones, smart cards). As a consultant, his customers have included major banks in New York and London, online gambling firms worldwide, and numerous business-to-business software providers.
Paco's passion is making software secure and reliable. He believes that securing software is everyone's job, and everyone has a role to play—be they testers, developers, IT staff, or management.
Paco's passion is making software secure and reliable. He believes that securing software is everyone's job, and everyone has a role to play—be they testers, developers, IT staff, or management.
Ratings & Reviews
Friends & Following
Create a free account to discover what your friends think of this book!
Community Reviews
Displaying 1 - 3 of 3 reviews
December 26, 2009
seems alright... doesn't get too in-depth as it is basically a group of tools methods for detecting web vulnerabilities
May 19, 2015
Although the book is quite old, it has tons of useful information. Great book that has a lot of useful ready to use "hacking" scripts
October 2, 2011
Excellent, but more of a reference. I think I’m going to get a copy and keep it next to my desk.
Displaying 1 - 3 of 3 reviews