Quantity:

More Buying Choices

34 used & new from �12.46

Have one to sell? Sell yours here

Share your own customer images

Search inside this book

How to Break Web Software: Functional and Security Testing of Web Applications and Web Services (Paperback)

by Mike Andrews (Author), James A. Whittaker (Author)

4.7 out of 5 stars See all reviews (3 customer reviews)

RRP:	�24.93
Price:	�12.46 & this item Delivered FREE in the UK with Super Saver Delivery. See details and conditions
You Save:	�12.47 (50%)
	o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o

In stock.
Dispatched from and sold by Amazon.co.uk. Gift-wrap available.

Want guaranteed delivery by Thursday, November 12? Choose Express delivery at checkout. See Details

22 new from �12.46 12 used from �15.00

Frequently Bought Together

Customers buy this book with The Web Application Hacker's Handbook: Discovering and Exploiting Security Flaws by Dafydd Stuttard

Price For Both: �33.55

Show availability and shipping details

This item: How to Break Web Software: Functional and Security Testing of Web Applications and Web Services by Mike Andrews

In stock.
Dispatched from and sold by Amazon.co.uk.
This item Delivered FREE in the UK with Super Saver Delivery. See details and conditions

The Web Application Hacker's Handbook: Discovering and Exploiting Security Flaws by Dafydd Stuttard

In stock.
Dispatched from and sold by Amazon.co.uk.
This item Delivered FREE in the UK with Super Saver Delivery. See details and conditions

This item: How to Break Web Software: Functional and Security Testing of Web Applications and Web Services by Mike Andrews
In stock.
Dispatched from and sold by Amazon.co.uk.
This item Delivered FREE in the UK with Super Saver Delivery. See details and conditions
The Web Application Hacker's Handbook: Discovering and Exploiting Security Flaws by Dafydd Stuttard
In stock.
Dispatched from and sold by Amazon.co.uk.
This item Delivered FREE in the UK with Super Saver Delivery. See details and conditions

Customers Who Bought This Item Also Bought

The Web Application Hacker's Handbook: Discovering and Exploiting Security Flaws

by Dafydd Stuttard

5.0 out of 5 stars (3) �21.09

Software Security: Building Security In

by Gary McGraw

�30.52

Testing Web Security: Assessing the Security of Web Sites and Applications

by Steven Splaine

4.5 out of 5 stars (4) �23.58

How to Break Software: A Practical Guide to Testing

by James A. Whittaker

3.0 out of 5 stars (1) �30.00

Lessons Learned in Software Testing: A Context Driven Approach

by Cem Kaner

5.0 out of 5 stars (4) �15.99

› Explore similar items

Product details

Paperback: 240 pages
Publisher: Addison Wesley; Pap/Cdr edition (16 Feb 2006)
Language English
ISBN-10: 0321369440
ISBN-13: 978-0321369444
Product Dimensions: 22.9 x 17.5 x 1.8 cm

Average Customer Review: 4.7 out of 5 stars See all reviews (3 customer reviews)

Amazon.co.uk Sales Rank: 134,509 in Books (See Bestsellers in Books)

Popular in these categories:

#2 in	Books > Computing & Internet > Computer Science > Security > Programming > Web Services
#6 in	Books > Computing & Internet > Computer Science > Security > Web Security
#14 in	Books > Computing & Internet > Programming > Languages > XML > Web Services

Would you like to update product info or give feedback on images?

See Complete Table of Contents

Customers Viewing This Page May Be Interested in These Sponsored Links

(What is this?)

EAI and ESB Testing opens new browser window

www.parasoft.com - TIBCO/BEA/JMS/MQ Testing Complete SOA/EAI coverage

Automated Web Testing opens new browser window

www.cloudtesting.com - Automated functional testing for your website - 7 day free trial

Web Application Security opens new browser window

www.Applicure.com - Protect your web server traffic in real-time against app-level attacks

Product Description

Since its early days as an information exchange tool limited to academe, researchers, and the military, the web has grown into a commerce engine that is now omnipresent in all facets of our lifes. More websites are created daily and more applications are developed to allow users to learn, research, and purchase online. As a result, web development is often rushed, which increases the risk of attacks from hackers. Furthermore, the need for secure applications has to be balanced with the need for usability, performance, and reliability. In this book, Whittaker and Andrews demonstrate how rigorous web testing can help prevent and prepare for such attacks. They point out that methodical testing must include identifying threats and attack vectors to establish and then implement the appropriate testing techniques, manual or automated.

From the Back Cover

"The techniques in this book are not an option for testers–they are mandatory and these are the guys to tell you how to apply them!"
–HarryRobinson, Google.

Rigorously test and improve the security of all your Web software!

It’s as certain as death and taxes: hackers will mercilessly attack your Web sites, applications, and services. If you’re vulnerable, you’d better discover these attacks yourself, before the black hats do. Now, there’s a definitive, hands-on guide to security-testing any Web-based software: How to Break Web Software.

In this book, two renowned experts address every category of Web software exploit: attacks on clients, servers, state, user inputs, and more. You’ll master powerful attack tools and techniques as you uncover dozens of crucial, widely exploited flaws in Web architecture and coding. The authors reveal where to look for potential threats and attack vectors, how to rigorously test for each of them, and how to mitigate the problems you find. Coverage includes

· Client vulnerabilities, including attacks on client-side validation

· State-based attacks: hidden fields, CGI parameters, cookie poisoning, URL jumping, and session hijacking

· Attacks on user-supplied inputs: cross-site scripting, SQL injection, and directory traversal

· Language- and technology-based attacks: buffer overflows, canonicalization, and NULL string attacks

· Server attacks: SQL Injection with stored procedures, command injection, and server fingerprinting

· Cryptography, privacy, and attacks on Web services

Your Web software is mission-critical–it can’t be compromised. Whether you’re a developer, tester, QA specialist, or IT manager, this book will help you protect that software–systematically.

Companion CD contains full source code for one testing tool you can modify and extend, free Web security testing tools, and complete code from a flawed Web site designed to give you hands-on practice in identifying security holes.

See all Product Description

Inside This Book (Learn More)

Suggested Tags from Similar Products

(What's this?)

Be the first one to add a relevant tag (keyword that's strongly related to this product)

webtesting

software

security testing

network security

internet

What Do Customers Ultimately Buy After Viewing This Item?

	73% buy the item featured on this page: How to Break Web Software: Functional and Security Testing of Web Applications and Web Services 4.7 out of 5 stars (3) �12.46
	15% buy The Web Application Hacker's Handbook: Discovering and Exploiting Security Flaws 5.0 out of 5 stars (3) �21.09
	5% buy Agile Testing: A Practical Guide for Testers and Agile Teams (Addison-Wesley Signature) 5.0 out of 5 stars (3) �15.99
	3% buy Web Security Testing Cookbook: Systematic Techniques to Find Problems Fast �16.99

Explore similar items

Customer Reviews

3 Reviews

5 star:		(2)
4 star:		(1)
3 star:		(0)
2 star:		(0)
1 star:		(0)

Average Customer Review

4.7 out of 5 stars (3 customer reviews)

Share your thoughts with other customers:

Create your own review

Most Helpful Customer Reviews

2 of 2 people found the following review helpful:

5.0 out of 5 stars Buy it, 11 Jan 2007

By	Kevin Barron "Basher" (Northampton, UK) - See all my reviews (REAL NAME)

If you want to get to grips with this subject this book is a great little read. You can either just plough through it, as it is an easy read, or go and look at all the links and tools he is referencing to get extra detail and clarity. If you don't have any other books on this subject, get this first.

No, I don't know the author.

Comment Comment | Permalink | Was this review helpful to you? Yes No (Report this)

1 of 1 people found the following review helpful:

4.0 out of 5 stars client side only, 23 Feb 2009

By	M. Mohammed "doubleM" (Manchester, UK) - See all my reviews (REAL NAME)

If you're looking for a comprehensive guide to web testing - this is not it as it only deals with client side testing. However, it still is a good read, with valuable insight and guidance ... and at this price, I would recommend it a definate buy!

Comment Comment | Permalink | Was this review helpful to you? Yes No (Report this)

3 of 5 people found the following review helpful:

5.0 out of 5 stars A good overview of the tools and techniques available today!, 6 Jul 2006

By	D. Ward (UK) - See all my reviews (REAL NAME)

In keeping with the brevity of this excellent book, I'll keep this short. This book is readable, educational and covers the majority of tests that are required on web applications today. The tools included on the CD are also first rate, with good commentary on how to use them in the book, giving further reading where required.

Comment Comment | Permalink | Was this review helpful to you? Yes No (Report this)

Share your thoughts with other customers: Create your own review

› See all 3 customer reviews...

.jsOffDisplayBlock { display: block; } .jsOffDisplayInline { display: inline; } .jsOffVisibility { visibility: visible; } .jsOnDisplayBlock { display: none; } .jsOnDisplayNoneBlock { display: block; } .jsOnDisplayNoneInline { display: inline; } .jsOnDisplayInline { display: none; } .jsOnVisibility { visibility: hidden; } .jqOnDisplayBlock { display: none; } .jqOnDisplayInline { display: none; } .jqOnVisibility { visibility: hidden; } .jqOnDisplayNoneBlock { display: block; } .jqOnDisplayNoneInline { display: inline; }