How to break software security : effective techniques for security testing /
James A. Whittaker, Herbert H. Thompson.
- Boston : Pearson/Addison Wesley, c2004.
- xx, 185 p. : ill ; 24 cm.+ 1 CD-ROM (4 3/4 in.)
Includes bibliographical references and index.
i introduction -- ii creating unanticipated user input scenarios -- 2 attacking software dependencies -- 3 breaking security through the user interface -- iii design and implementation attacks -- 4 attacking design -- 5 attacking implementation -- iv applying the attacks -- 6 putting it all together -- v conclusion -- 7 some parting advice -- appendices -- index.
How to Break Software Security describes the general problem of software security in a practical perspective from a software tester's point of view. It defines prescriptive techniques (attacks that testers can use on their own software) that are designed to ferret out security vulnerabilities in software applications. The book's style is easy to read and provides readers with the techniques and advice to hunt down security bugs and see that they're destroyed before the software is released. Accompanying the book is a CD-ROM containing Holodeck, which tests for security vulnerabilities. There are also a number of bug-finding tools, freeware, and an easy-to-use port scanner included on the CD-ROM.