Join Amazon Prime and get unlimited Free One-Day Delivery. Already a member? Sign in.

Quantity:

More Buying Choices

27 used & new from �14.20

Have one to sell? Sell yours here

Share your own customer images

Search inside this book

How to Break Web Software: Functional and Security Testing of Web Applications and Web Services (Paperback)

by Mike Andrews (Author), James A. Whittaker (Author)

4.7 out of 5 stars See all reviews (3 customer reviews)

RRP:	�24.93
Price:	�21.19 & this item Delivered FREE in the UK with Super Saver Delivery. See details and conditions
You Save:	�3.74 (15%)
	o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o o

In stock.
Dispatched from and sold by Amazon.co.uk. Gift-wrap available.

Only 2 left in stock--order soon (more on the way).

Want guaranteed delivery by Tuesday, July 14? Choose Express delivery at checkout. See Details

21 new from �14.20 6 used from �21.50

Frequently Bought Together

How to Break Software: A Practical Guide to Testing

Price For All Three: �70.07

Show availability and shipping details

This item: How to Break Web Software: Functional and Security Testing of Web Applications and Web Services by Mike Andrews
In stock.
Dispatched from and sold by Amazon.co.uk.
This item Delivered FREE in the UK with Super Saver Delivery. See details and conditions
How to Break Software: A Practical Guide to Testing by James A. Whittaker
In stock.
Dispatched from and sold by Amazon.co.uk.
This item Delivered FREE in the UK with Super Saver Delivery. See details and conditions
Lessons Learned in Software Testing: A Context Driven Approach by Cem Kaner
In stock.
Dispatched from and sold by Amazon.co.uk.
This item Delivered FREE in the UK with Super Saver Delivery. See details and conditions

Customers Who Bought This Item Also Bought

The Web Application Hacker's Handbook: Discovering and Exploiting Security Flaws

by Dafydd Stuttard

3.0 out of 5 stars (2) �22.09

How to Break Software: A Practical Guide to Testing

by James A. Whittaker

3.0 out of 5 stars (1) �31.34

Lessons Learned in Software Testing: A Context Driven Approach

by Cem Kaner

5.0 out of 5 stars (4) �17.54

Software Testing: An ISEB Foundation

by Brian Hambling

4.9 out of 5 stars (13) �22.49

Testing Web Security: Assessing the Security of Web Sites and Applications

by Steven Splaine

4.5 out of 5 stars (4) �31.44

› Explore similar items

Product details

Paperback: 240 pages
Publisher: Addison Wesley; Pap/Cdr edition (16 Feb 2006)
Language English
ISBN-10: 0321369440
ISBN-13: 978-0321369444
Product Dimensions: 22.9 x 17.5 x 1.8 cm

Average Customer Review: 4.7 out of 5 stars See all reviews (3 customer reviews)

Amazon.co.uk Sales Rank: 42,455 in Books (See Bestsellers in Books)

Popular in these categories:

#1 in	Books > Computing & Internet > Computer Science > Security > Programming > Web Services
#2 in	Books > Computing & Internet > Computer Science > Security > Web Security
#4 in	Books > Computing & Internet > Programming > Languages > XML > Web Services

Would you like to update product info or give feedback on images?

See Complete Table of Contents

Customers Viewing This Page May Be Interested in These Sponsored Links

(What is this?)

Software Test Automation

www.SmarteSoft.com/smartescript Easy: No scripting skills needed Functional and Performance Test

Functional Testing Tool

www.TestPlant.com Quickly Automate Functional Tests, Get Started in 60 Min, Free Trial!

Web Security Software

www.Applicure.com Protect your web server traffic in real-time against app-level attacks

Product Description

Product Description
Since its early days as an information exchange tool limited to academe, researchers, and the military, the web has grown into a commerce engine that is now omnipresent in all facets of our lifes. More websites are created daily and more applications are developed to allow users to learn, research, and purchase online. As a result, web development is often rushed, which increases the risk of attacks from hackers. Furthermore, the need for secure applications has to be balanced with the need for usability, performance, and reliability. In this book, Whittaker and Andrews demonstrate how rigorous web testing can help prevent and prepare for such attacks. They point out that methodical testing must include identifying threats and attack vectors to establish and then implement the appropriate testing techniques, manual or automated.

From the Back Cover

"The techniques in this book are not an option for testers–they are mandatory and these are the guys to tell you how to apply them!"
–HarryRobinson, Google.

Rigorously test and improve the security of all your Web software!

It’s as certain as death and taxes: hackers will mercilessly attack your Web sites, applications, and services. If you’re vulnerable, you’d better discover these attacks yourself, before the black hats do. Now, there’s a definitive, hands-on guide to security-testing any Web-based software: How to Break Web Software.

In this book, two renowned experts address every category of Web software exploit: attacks on clients, servers, state, user inputs, and more. You’ll master powerful attack tools and techniques as you uncover dozens of crucial, widely exploited flaws in Web architecture and coding. The authors reveal where to look for potential threats and attack vectors, how to rigorously test for each of them, and how to mitigate the problems you find. Coverage includes

· Client vulnerabilities, including attacks on client-side validation

· State-based attacks: hidden fields, CGI parameters, cookie poisoning, URL jumping, and session hijacking

· Attacks on user-supplied inputs: cross-site scripting, SQL injection, and directory traversal

· Language- and technology-based attacks: buffer overflows, canonicalization, and NULL string attacks

· Server attacks: SQL Injection with stored procedures, command injection, and server fingerprinting

· Cryptography, privacy, and attacks on Web services

Your Web software is mission-critical–it can’t be compromised. Whether you’re a developer, tester, QA specialist, or IT manager, this book will help you protect that software–systematically.

Companion CD contains full source code for one testing tool you can modify and extend, free Web security testing tools, and complete code from a flawed Web site designed to give you hands-on practice in identifying security holes.

See all Product Description

Inside This Book (Learn More)

Suggested Tags from Similar Products

(What's this?)

Be the first one to add a relevant tag (keyword that's strongly related to this product)

webtesting

software

security testing

network security

internet

What Do Customers Ultimately Buy After Viewing This Item?

	62% buy the item featured on this page: How to Break Web Software: Functional and Security Testing of Web Applications and Web Services 4.7 out of 5 stars (3) �21.19
	19% buy The Web Application Hacker's Handbook: Discovering and Exploiting Security Flaws 3.0 out of 5 stars (2) �22.09
	8% buy Software Testing: An ISEB Foundation 4.9 out of 5 stars (13) �22.49
	6% buy Professional Pen Testing for Web Applications (Programmer to Programmer) 5.0 out of 5 stars (1) �18.19

Explore similar items

Customer Reviews

3 Reviews

5 star:		(2)
4 star:		(1)
3 star:		(0)
2 star:		(0)
1 star:		(0)

Average Customer Review

4.7 out of 5 stars (3 customer reviews)

Share your thoughts with other customers:

Create your own review

Most Helpful Customer Reviews

2 of 2 people found the following review helpful:

5.0 out of 5 stars Buy it, 11 Jan 2007

By	Kevin Barron "Basher" (Northampton, UK) - See all my reviews (REAL NAME)

If you want to get to grips with this subject this book is a great little read. You can either just plough through it, as it is an easy read, or go and look at all the links and tools he is referencing to get extra detail and clarity. If you don't have any other books on this subject, get this first.

No, I don't know the author.

Comment Comment | Permalink | Was this review helpful to you? Yes No (Report this)

1 of 1 people found the following review helpful:

4.0 out of 5 stars client side only, 23 Feb 2009

By	M. Mohammed "doubleM" (Manchester, UK) - See all my reviews (REAL NAME)

If you're looking for a comprehensive guide to web testing - this is not it as it only deals with client side testing. However, it still is a good read, with valuable insight and guidance ... and at this price, I would recommend it a definate buy!

Comment Comment | Permalink | Was this review helpful to you? Yes No (Report this)

3 of 5 people found the following review helpful:

5.0 out of 5 stars A good overview of the tools and techniques available today!, 6 Jul 2006

By	D. Ward (UK) - See all my reviews (REAL NAME)

In keeping with the brevity of this excellent book, I'll keep this short. This book is readable, educational and covers the majority of tests that are required on web applications today. The tools included on the CD are also first rate, with good commentary on how to use them in the book, giving further reading where required.

Comment Comment | Permalink | Was this review helpful to you? Yes No (Report this)

Share your thoughts with other customers: Create your own review

› See all 3 customer reviews...

.jsOffDisplayBlock { display: block; } .jsOffDisplayInline { display: inline; } .jsOffVisibility { visibility: visible; } .jsOnDisplayBlock { display: none; } .jsOnDisplayNoneBlock { display: block; } .jsOnDisplayNoneInline { display: inline; } .jsOnDisplayInline { display: none; } .jsOnVisibility { visibility: hidden; } .jsOnDisplayBlock { display: none; } .jsOnDisplayInline { display: none; } .jsOnVisibility { visibility: hidden; }

Customer Discussions

Beta (What's this?)

This product's forum (0 discussions)

	Discussion	Replies	Latest Post
	No discussions yet

Ask questions, Share opinions, Gain insight

Start a new discussion

Topic:

First post:

Prompts for sign-in

[Cancel]

Guidelines

Listmania!

Books every software developer should read: A list by Jan Henning Gjetanger
Protect your Identity: A list by Barry Tighe "Author The Spawater Chronicles, Gieves to the Fore"
Online Marketing: A list by S. Walker

Create a Listmania! list

Look for similar items by category

Books > Computing & Internet > Computer Science > Systems Analysis & Design
Books > Computing & Internet > Digital Lifestyle > Online Shopping > Amazon
Books > Computing & Internet > Networking & Security > Security > Cryptography & Encryption
Books > Computing & Internet > Networking & Security > Security > Network Security
Books > Computing & Internet > Networking & Security > Security > Programming > Web Services
Books > Computing & Internet > Networking & Security > Security > Web Security
Books > Computing & Internet > Programming > Languages & Tools
Books > Computing & Internet > Programming > Languages > XML > Web Services
Books > Computing & Internet > Programming > Software Design, Testing & Engineering > Software Testing
Books > Computing & Internet > Web Development

Feedback

Would you like to update product info or give feedback on images?
I am the Author, and I want to comment on my book.
I am the Publisher, and I want to comment on this book.

Fun for Everyone

Achieve over 15,000 RPM with our great range of Powerballs.

›Shop the Powerball store

Beauty without the Beast

Olay Regenerist Daily 3 Point Treatment Cream

From au naturel to party glam, we have all the best names in cosmetics and skincare.

›Discover Beauty at Amazon.co.uk

Up to 53% off Braun Series Shavers

Braun Series 3 390cc Clean & Renew System Rechargeable Foil Electric Shaver

Get in touch with your smooth side with Braun Series shavers, now with Gillette blade technology.

›Discover Braun Series at Amazon.co.uk

Treat Someone

With an Amazon.co.uk Gift Certificate, you can get them what they want (even if you don't know what that is).

›Learn more about Gift Certificates

Where's My Stuff?

track your recent orders
view or change your orders in Your Account

Delivery and Returns

see our delivery rates and policies
thinking of returning an item? (See our Returns Policy)

Need Help?

Forgot your password?
Buy Gift Certificates.
still have questions? Visit our Help Pages

Your Recent History

(What's this?)

You have no recently viewed items or searches.

After viewing product detail pages or search results, look here to find an easy way to navigate back to pages you are interested in.

Look to the right column to find helpful suggestions for your shopping session.

Continue Shopping: Top Sellers

The Girl Who Played with Fire by Stieg Larsson

4.5 out of 5 stars (72)�3.86

Breaking Dawn (Twilight Saga) by Stephenie Meyer

4.1 out of 5 stars (460)�6.49

The Girl with the Dragon Tattoo by Stieg Larsson

4.1 out of 5 stars (162)�3.99

The Host by Stephenie Meyer

4.2 out of 5 stars (80)�3.86


Amazon Home

International Sites: United States \| Germany \| France \| Japan \| Canada \| China

Business Programs: Sell on Amazon \| Fulfilment by Amazon \| Join Associates \| Join Advantage

Customer Service \| Help \| View Basket \| Your Account

About Amazon.co.uk \| Careers at Amazon


Amazon Home

International Sites: United States \| Germany \| France \| Japan \| Canada \| China

Business Programs: Sell on Amazon \| Fulfilment by Amazon \| Join Associates \| Join Advantage

Customer Service \| Help \| View Basket \| Your Account

About Amazon.co.uk \| Careers at Amazon