Web Security Testing

This reading list includes books and articles that discuss testing focused on finding vulnerabilities that expose a product, system, or software to hackers or other malicious use.

Michael Howard, David LeBlanc, and John Viega, 19 Deadly Sins of Software Security. McGraw-Hill, 2005.

Mike Andrews and James A. Whittaker, How to Break Web Software, Addison Wesley, 2006. This book describes techniques for testing software including looking for hacking vulnerabilities on web sites.

Jack Koziol, David Litchfield, Dave Aitel, and Chris An, The Shellcoder's Handbook: Discovering and Exploiting Security Holes, Wiley, 2004.

Johnny Long, Google Hacking for Penetration Testers, Syngress Publishers, 2001.

Bala Neerumalla, "New SQL Truncation Attacks And How To Avoid Them", MSDN Magazine, November 2006.

