Learn how to think like an attacker—and identify potential security issues in your software. In this essential guide, security testing experts offer practical, hands-on guidance and code samples to help you find, classify, and assess security bugs before your software is released.
Discover how to:
- Identify high-risk entry points and create test cases
- Test clients and servers for malicious request/response bugs
- Use black box and white box approaches to help reveal security vulnerabilities
- Uncover spoofing issues, including identity and user interface spoofing
- Detect bugs that can take advantage of your program’s logic, such as SQL injection
- Test for XML, SOAP, and Web services vulnerabilities
- Recognize information disclosure and weak permissions issues
- Identify where attackers can directly manipulate memory
- Test with alternate data representations to uncover canonicalization issues
- Expose COM and ActiveX repurposing attacks
PLUS—Get code samples and debugging tools on the Web
- ISBN10 073562187X
- ISBN13 9780735621879
- Publish Date 30 August 2006 (first published 1 June 2006)
- Publish Status Out of Print
- Out of Print 3 April 2014
- Publish Country US
- Imprint Microsoft Press, U.S.
- Format Paperback
- Pages 592
- Language English