United States
Change
|
All Microsoft Sites
Search
Select option:
Microsoft Learning
Microsoft
Bing
Enter search terms
Home
Training
Certification
Career
Blogs & Community
Programs for Businesses
Help
About Us
Who We Are & What We Do
Our Newsroom
Follow Us
Latest News and Announcements
Special Offers
Member Sites
Microsoft Learning Partners
MCP Site
MCT Site
MOS Site
Related Sites
Microsoft IT Academy
Microsoft Education
Microsoft DreamSpark
Imagine Cup
Developer Academic Alliance
Microsoft Digital Literacy Curriculum
Microsoft Education Competencies
Worldwide Learning Sites
By Format
Overview
Classroom Training
E-Learning (Online Training)
Books Overview
E-Reference Overview
Learning Games
By Product/Technology
Overview
Cloud Services
Dynamics
Exchange Server
FAST University
Forefront
Lync Server
Office
SharePoint
SQL Server
System Center
Virtualization
Visual Studio
Windows
Windows Azure
Windows Phone
Windows Server
Windows Small Business Server
More ...
Find Training & Classes Near You
Training Catalog
Retired Courses
Discontinued Exams
Create Your Own Training
Create Online Courses & Learning Snacks (LCDS)
Courseware Library Community Authoring
Academic Programs
Learning Partners
Overview
E-Learning Universal Vouchers
Certification Overview
Benefits
Program Benefits and Membership
MCP Career Center
Benefits to Employers
Take an Exam
Overview
Find an Exam
Earn College Credit
Prepare for and Take a Certification Exam (FAQ)
Certification Lifecycle
Exam Development and Release Cycle (FAQ)
Exam Policies
Exam Development
By Product/Technology
Overview
Cloud Services
Exchange Server
Lync Server & OCS
Office 365
Private Cloud
SharePoint Server
SQL Server
System Center
Virtualization
Visual Studio
Windows Client (Windows 7)
Windows Phone
Windows Server
All Products and Technologies
By Name
Overview
MCITP (IT Professional)
MCTS (Technology Specialist)
MCPD (Professional Developer)
MCSA (Solutions Associate)
MCSD (Solutions Developer)
MCSE (Solutions Expert)
MCSM (Solutions Master)
MOS (Office Specialist)
Microsoft Dynamics
MTA (Technology Associate)
MCM (Certified Master)
MCA (Certified Architect)
MCT (Certified Trainer)
Overview
Career Offers
IT Manager
Professional
Student
Overview
Blogs & Forums
Webcasts & Videos
Overview
Volume Licensing
Software Assurance
Frequently Asked Questions
Support
Overview
Regional Service Centers – North America
Regional Service Centers – Latin America
Regional Service Centers - Asia/Pacific
Regional Service Centers - Europe/Africa
Learning Books Index
Microsoft.com
>
Microsoft Learning
>
Training Catalog
>
Books
Hunting Security Bugs
Published:
August 30, 2006
Accompanying Media:
N/A
Author:
Tom Gallagher; Bryan Jeffries; Lawrence Landauer
Language:
English
Length:
592 Pages
Level:
Intermediate, Advanced
ISBN 13:
9780735621879
Technology:
Security
ISBN 10:
0-7356-2187-X
Format:
N/A
List Price:
$ 49.99
Overview
About the Author
Community
Give Feedback
About The Book
Your essential reference to software security testing—from the experts.
Learn how to think like an attacker—and identify potential security issues in your software. In this essential guide, security testing experts offer practical, hands-on guidance and code samples to help you find, classify, and assess security bugs before your software is released. Discover how to:
Identify high-risk entry points and create test cases
Test clients and servers for malicious request/response bugs
Use black box and white box approaches to help reveal security vulnerabilities
Uncover spoofing issues, including identity and user interface spoofing
Detect bugs that can take advantage of your program’s logic, such as SQL injection
Test for XML, SOAP, and Web services vulnerabilities
Recognize information disclosure and weak permissions issues
Identify where attackers can directly manipulate memory
Test with alternate data representations to uncover canonicalization issues
Expose COM and ActiveX repurposing attacksPLUS—Get code samples and debugging tools on the Web
About Tom Gallagher; Bryan Jeffries; Lawrence Landauer
Tom Gallagher is the lead of the Microsoft Office Security Test team, where he focuses on penetration testing, writing security testing tools, and providing security education.
Bryan Jeffries is a software engineer responsible for driving security testing on Microsoft SharePoint Products and Technologies.
Lawrence Landauer is a software engineer at Microsoft where he works on coding, testing, and training projects related to security, personal productivity, and deployment.
Michael Howard, Series Consulting Editor, is a leading security expert and author
Have Questions?
For advice about training and certification, connect with peers:
Visit the training and certification forum
For questions about a specific certification, chat with a Microsoft Certified Professional (MCP):
Visit our MCP newsgroups
To find out about recommended blogs, Web sites, and upcoming Live Meetings on popular topics, visit our community site:
Visit the Microsoft Learning community
What do you think of this book?
Your feedback is important in helping us create books that serve your needs and meet your expectations.
Please take our survey at
www.microsoft.com/learning/booksurvey
Note: You will need this book's 13-digit International Standard Book Number (ISBN) to take the survey. The ISBN 13 can be found above.
To report or search for corrections in this book or companion content,
please go to
www.microsoft.com/learning/support/books/
Book index
Buy This Book
Related Courses
Collection 80414: Service Management in Microsoft Dynamics AX 2012
Collection 80415: Public Sector Procurement and Payables in Microsoft Dynamics AX 2012
More Courses >>
Related Books
Programming Windows Identity Foundation
Microsoft Exchange Server 2010 Best Practices
More Books >>
Other Developer Series Books
XAML Developer Reference
MCPD 70-519 Exam Ref: Designing and Developing Web Applications Using Microsoft® .NET Framework 4
Start Here!™ Learn Microsoft® Visual C#® 2010
More Books >>
Related Services
E-Reference Libraries
Microsoft Press Online Developer Tools
Microsoft Press Online Windows Server & Client
Print This Page
E-mail this page to a friend
Rate this page and submit feedback
Please tell us why you rated the content this way. (optional)
Please choose a rating value for this content.
Please limit comments to 256 characters.
Tweet
Share
