Hunting Security Bugs

by Bryan Jeffries and Lawrence Landauer

0 ratings • 0 reviews • 0 shelved
Book cover for Hunting Security Bugs

Bookhype may earn a small commission from qualifying purchases. Full disclosure.

Learn how to think like an attacker—and identify potential security issues in your software. In this essential guide, security testing experts offer practical, hands-on guidance and code samples to help you find, classify, and assess security bugs before your software is released.

Discover how to:

  • Identify high-risk entry points and create test cases
  • Test clients and servers for malicious request/response bugs
  • Use black box and white box approaches to help reveal security vulnerabilities
  • Uncover spoofing issues, including identity and user interface spoofing
  • Detect bugs that can take advantage of your program’s logic, such as SQL injection
  • Test for XML, SOAP, and Web services vulnerabilities
  • Recognize information disclosure and weak permissions issues
  • Identify where attackers can directly manipulate memory
  • Test with alternate data representations to uncover canonicalization issues
  • Expose COM and ActiveX repurposing attacks


PLUS—Get code samples and debugging tools on the Web
  • ISBN10 073562187X
  • ISBN13 9780735621879
  • Publish Date 30 August 2006 (first published 1 June 2006)
  • Publish Status Out of Print
  • Out of Print 3 April 2014
  • Publish Country US
  • Imprint Microsoft Press,U.S.
  • Format Paperback
  • Pages 592
  • Language English