Testing Applications On The Web
Download Testing Applications On The Web PDF/ePub or read online books in Mobi eBooks. Click Download or Read Online button to get Testing Applications On The Web book now. This website allows unlimited access to, at the time of writing, more than 1.5 million titles, including hundreds of thousands of titles in various foreign languages.
Testing Applications on the Web
A software testing survival guide for those who work in Internet time With Internet applications spreading like wildfire, the field of software testing is increasingly challenged by the brave new networked world of e-business. This book brings you up to speed on the technologies, testing concepts, and tools you'll need to run e-business applications on the Web. Written by Hung Nguyen, a coauthor of the bestselling software testing book of all time, Testing Computer Software, this new guide takes you to the next level, helping you apply your existing skills to the testing of B2B (Business-to-Business), B2C (Business-to-Consumer), and internal Web-based applications. You'll learn how to test transactions across networks, explore complex systems for errors, and work efficiently with the many components at play--from servers to browsers to protocols. Most importantly, you'll get detailed instructions on how to carry out specific test types along with case studies and error examples for each test. Software testers, test leads and test managers, QA analysts and managers, and IT managers and staff will find this an invaluable resource for their testing projects. With an emphasis on achievable goals and necessary rather than nice-to-have features, Testing Applications on the Web provides: An analysis of the Web-application model and the difference between Web testing and traditional testing A tutorial on the methodology and techniques for networking technologies and component-based testing Strategies for test planning, test case designing, and error analysis on the Web Effective real-world practices for UI (User Interface) tests, security tests, installation tests, load and stress tests, database tests, and more A survey of commercial tools and a sampling of proven test matrices and templates
How to Break Web Software
Author: Mike Andrews
language: en
Publisher: Addison-Wesley Professional
Release Date: 2006-02-02
Rigorously test and improve the security of all your Web software! It’s as certain as death and taxes: hackers will mercilessly attack your Web sites, applications, and services. If you’re vulnerable, you’d better discover these attacks yourself, before the black hats do. Now, there’s a definitive, hands-on guide to security-testing any Web-based software: How to Break Web Software. In this book, two renowned experts address every category of Web software exploit: attacks on clients, servers, state, user inputs, and more. You’ll master powerful attack tools and techniques as you uncover dozens of crucial, widely exploited flaws in Web architecture and coding. The authors reveal where to look for potential threats and attack vectors, how to rigorously test for each of them, and how to mitigate the problems you find. Coverage includes · Client vulnerabilities, including attacks on client-side validation · State-based attacks: hidden fields, CGI parameters, cookie poisoning, URL jumping, and session hijacking · Attacks on user-supplied inputs: cross-site scripting, SQL injection, and directory traversal · Language- and technology-based attacks: buffer overflows, canonicalization, and NULL string attacks · Server attacks: SQL Injection with stored procedures, command injection, and server fingerprinting · Cryptography, privacy, and attacks on Web services Your Web software is mission-critical–it can’t be compromised. Whether you’re a developer, tester, QA specialist, or IT manager, this book will help you protect that software–systematically.
Testing Web Security
Covers security basics and guides reader through the process of testing a Web site. Explains how to analyze results and design specialized follow-up tests that focus on potential security gaps. Teaches the process of discovery, scanning, analyzing, verifying results of specialized tests, and fixing vulnerabilities.