The book provides a solid foundation for security testing of web software, covering various attacks like SQL injection and cross-site scripting. It also explains web software technologies and how to protect against these attacks, making it valuable for understanding and improving web security.
This book, written in 2006, offers a comprehensive introduction to security testing for web software. Despite some outdated references, it effectively explains various attacks such as SQL injection, cross-site scripting, session hijacking, and cookie poisoning. The book not only describes these attacks in detail but also provides insights into how web software works and how to protect against these vulnerabilities. The final chapter on web services is particularly valuable, as it covers technologies that are essential for daily work in web development. Overall, the book enhances understanding of web security and offers practical tips for safer web practices.
Quick quotes
This book was written in 2006 so you can imagine that a lot has changed since! Web Software is bigger than ever.
“How to Break Web Software” gives very good foundation for Security Testing Web Software.
The attack descriptions were a great way to learn about the testing techniques heard about before, but the best way to learn them better is to apply them practically.