How to Break Web Software



Functional and Security Testing of Web Applications and Web Services



▪️Authors:
Mike Andrews, James A. Whittaker

▪️Year: 2006



· Client vulnerabilities, including attacks on client-side validation

· State-based attacks: hidden fields, CGI parameters, cookie poisoning, URL jumping, and session hijacking

· Attacks on user-supplied inputs: cross-site scripting, SQL injection, and directory traversal

· Language- and technology-based attacks: buffer overflows, canonicalization, and NULL string attacks

· Server attacks: SQL Injection with stored procedures, command injection, and server fingerprinting

· Cryptography, privacy, and attacks on Web services


