Professional Pen Testing for Web Applications (Programmer to Programmer)

by Andres Andreu (Author)
4.7 out of 5 stars  See all reviews (6 customer reviews)

Editorial Reviews

Product Description

There is no such thing as "perfect security" when it comes to keeping all systems intact and functioning properly. Good penetration (pen) testing creates a balance that allows a system to be secure while simultaneously being fully functional. With this book, you'll learn how to become an effective penetrator (i.e., a white hat or ethical hacker) in order to circumvent the security features of a Web application so that those features can be accurately evaluated and adequate security precautions can be put in place.

After a review of the basics of web applications, you'll be introduced to web application hacking concepts and techniques such as vulnerability analysis, attack simulation, results analysis, manuals, source code, and circuit diagrams. These web application hacking concepts and techniques will prove useful information for ultimately securing the resources that need your protection.

What you will learn from this book
* Surveillance techniques that an attacker uses when targeting a system for a strike
* Various types of issues that exist within the modern day web application space
* How to audit web services in order to assess areas of risk and exposure
* How to analyze your results and translate them into documentation that is useful for remediation
* Techniques for pen-testing trials to practice before a live project

Who this book is for

This book is for programmers, developers, and information security professionals who want to become familiar with web application security and how to audit it.

Wrox Professional guides are planned and written by working programmers to meet the real-world needs of programmers, developers, and IT professionals. Focused and relevant, they address the issues technology professionals face every day. They provide examples, practical solutions, and expert education in new technologies, all designed to help programmers do a better job.



Product Details

  • Paperback: 522 pages
  • Publisher: Wrox (July 5, 2006)
  • Language: English
  • ISBN-10: 0471789666
  • ISBN-13: 978-0471789666
  • Product Dimensions: 9 x 7.2 x 1.3 inches
  • Shipping Weight: 1.6 pounds

Customer Reviews

6 reviews: 5 star (4), 4 star (2), 3 star (0), 2 star (0), 1 star (0)
Average Customer Review: 4.7 out of 5 stars (6 customer reviews)

Most Helpful Customer Reviews

 
27 of 29 people found the following review helpful:
5.0 out of 5 stars Excellent book about web application security and pen testing, July 7, 2006
By Jack (Canada)
Taking a top-level view on the subject of pen testing web applications, this book is a success. It does not focus on hack techniques only and certainly does not use case studies just to show off. The author provides an excellent balance of in-depth technical hacking information with the way the results from such activity get applied to the business of pen testing. Many other books simply show techniques or cover a case study and then move on; the author of this book, Andres Andreu, covers how to handle the results of such needle-in-the-haystack work in order to make strides towards web presence protection. He is clearly not trying to generate more script kiddies but to provide professionals the power to understand their security position with respect to web applications and take measures to protect themselves through this heightened awareness.

One of the strong points the author makes is certainly well taken, in that the typical security professional is not knowledgeable enough to properly protect the web applications of today; they are generally network specialists. Based on this notion the book predominantly attacks the issue from a programmatic stance, aiming at filling the gaps where security is important. But he provides enough foundation and basics that if you read carefully you should not be at a loss when using this book. Also provided is enough data to build an effective personal lab and practice most of the areas covered throughout the book. This book really should be on the desk or shelf of every security professional who deals with web applications.

The book has a general pragmatic overtone and the author is obviously focused on real world work and results, keeping theory to a minimum. There are 11 chapters which are loosely associated with what is seemingly the evolution of a pen-testing project that the author sometimes refers to as a journey. Then there are 4 appendices covering some interesting areas.

Chapter 1 at first glance seems like the typical nonsense where we find out how vulnerable we all are and how messed up the industry is. And while there is some of that, there is also a very strong, distinct message about what makes an effective web application pen tester, and if you read the material carefully the author is being very motivational and even covering psychological aspects of this type of work. I enjoyed reading about the mindset one has to get into in order to do this type of white hat work effectively. It gave me a new perspective on what I, as a network security professional, deal with daily. There were also some nice touches on doing this not just as an employee but also as a professional. This lean towards consultants is important because the rules are always different when a consultant comes in to do this type of work as an outsider.

Chapter 2 is titled "Some Basics", quite appropriately, because only some basics are covered. There is so much more that could be covered in this area, even though to be fair the book would then be twice its current size. In any event it is a love-hate type of chapter: for example, if you have experience with technologies like SOAP then you will not care much for it and will move on. On the other hand, if you have gaps in your knowledge that are covered in this chapter you will find it quite beneficial. This seems like a technical chapter targeting non-web-programmers. Security and network engineers stand to learn a lot in this chapter. It covers many different areas, from SSL certificates and CSRs all the way to SOAP and WSDL. Along the way many important areas are covered, such as standard web languages, web state, data encryption, data encoding, and XML. At first the material in this chapter seems all over the place and I had to come back to it various times. But after the material sank in I realized the method behind the author's seemingly chaotic approach to the material. Love it or hate it, there is great material in this chapter.

Chapter 3 is your standard surveillance material with a clear lean towards application-specific material as opposed to network level. Some network level material is presented, even though these areas are covered much better in other books. The author doesn't seem to be trying to cover this in classic form; he just wants what he needs from the network so as to better attack the application. There are some hidden gems in this chapter that will be eye-opening in the sense that some pre-packaged programs for this work will inevitably fall short. Manual analysis of gathered data becomes clear as an important step. One interesting step presented is to gather any and all publicly available information and use it all together to form the basis of some eventual attack.

Chapter 4 seems totally out of place at first and it annoyed me. After the technical material from chapter 3 I wanted to attack something, and this chapter seems to backtrack into some theoretical best practices nonsense. But there are many hidden technical tidbits in this chapter and so it requires some careful reading. I like the way the author linked the OWASP Top 10 and the WASC categories; this was unique in its approach and I haven't seen that done anywhere else. This chapter will set the general basis for organizing your work into attack areas and has many areas of non-obvious technical information. I would have liked seeing more in the area of threat modeling, even though I know many real world practitioners don't practice this. The author exposes the practice in summarized form and clearly states that some clients in the real world don't care about this. But the material is presented in such a way that it can help you discipline yourself into some structured process. All in all, an interesting and valuable chapter.

Chapter 5 nose-dives into attacking web servers with a focus on IIS and Apache. Some old and some new exploits are covered. But the key part of the chapter is the area where the types of attacks are covered, since this applies to just about any web server. The programmatic approach is blatant here in that most exploits are backed up with code that can execute the attack covered. This is very useful, even though you have to be somewhat proficient in Perl, for instance, to make some of the examples work. I enjoyed this chapter a lot and even wrote some scripts based on the information from this chapter. I now regularly test new web servers with this knowledge before they go live.

Chapter 6 is really the hands-on apex of the technical aspects the book brings to light. With respect to standard web applications this chapter is huge and effectively covers many aspects, ranging from proxy servers as pen testing tools to custom scripts to injection attacks to brute force attacks. Along the way the author covers related areas like effective dictionary generation for brute forcing. He even covers L33T Speak because it is out there. Chapter 6 starts out with a lightweight checklist that is intended to be a foundation and cannot be anything more. This could have been developed further. After this the chapter covers manual and automated testing.

The manual testing section focuses on WebScarab, Perl/LibWhisker, authentication attacks (with ObiWan, Brutus, Crowbar, THC-Hydra, & Lcrack), buffer overflows, and client-side attacks such as XSS, RSS, and cookie-based attacks. This section ends with a small but clear example from what the author claims is a "real-world example". Based on the level of detail presented I believe this is indeed accurate.

After all the manual work is covered, Mr. Andreu dives into the world of automated tools in the form of open source, and he even exposes some commercial tools that are supposed to be good, even though he certainly leaves that up to the reader. From the open source category Paros proxy, Spike proxy, Nikto, E-or, Wikto, ntoinsight, and finally Nessus are covered. Different levels of depth are gone into based on the tool, but they are nevertheless effectively presented to us readers. I have used some of them successfully after first being exposed to them from reading this chapter.

Chapter 7 took me from where the previous chapter left off into the dark world of known exploits. It is as if the researchers mentioned in this chapter performed the chapter 6 learnings somewhere and documented their findings into information that can be used by anyone. This chapter is structured similarly to Chapter 6 in that it starts out with some examples based on manual work; hence the flow from the previous chapter is nice. Lotus Domino and IIS are attacked in the first 2 manual examples and there is a sense of real world here, because in the real world black and white are rare. The author takes us through the entire process of these examples from some of his projects and then shows how sometimes the exposure is acceptable risk, as opposed to saying something abrupt like "and so I hacked this successfully". These examples do a great job of putting together many of the teachings presented throughout the book up to this point. They are all tied in effectively and the deep complexity of this work starts to take shape in this chapter.

From here there is a shift into automated testing using Metasploit. The tool is presented effectively, but the example I felt lacked a lot. Maybe this is because the 2 earlier examples were much juicier, but I was left in a somewhat anti-climactic state.

To finish off the chapter the author exposes you to some public sources of valuable data, as well as providing you a powerful warning about self-protection and exposing 2 commercial players in the known vulnerability market. The public sources are a nice touch because the information is presented in terms of staying on top of an ever rapidly changing arena like the web based...
 
13 of 13 people found the following review helpful:
4.0 out of 5 stars An aptly named book on a crucial and modern security topic, October 5, 2006
I recently received copies of Hacking Exposed: Web Applications, 2nd Ed (HE:WA2E) by Joel Scambray, Mike Shema, and Caleb Sima, and Professional Pen Testing for Web Applications (PPTFWA) by Andres Andreu. I read HE:WA2E first, then PPTFWA. Both are excellent books, but I expect potential readers want to know which is best for them. I could honestly recommend readers buy either (or both) books. Most people should start by reading HE:WA2E, and then fill in gaps by reading PPTFWA.

Before proceeding I should note I used to work with the two ex-Foundstone authors of HE:WA2E, although I haven't been afraid in the past to review books honestly.

First, I must say PPTFWA was published in the right series. The motto "Programmer to Programmer," and the term "Professional" in the title, clearly apply to this book. Author Andres Andreu takes his work very seriously, sometimes at the expense of the non-programming network security crowd. You will feel welcome if you are a programmer/security person, but maybe not if you work with "edge devices" like firewalls, IDS, and so on. Given this stance, I found it ironic that PPTFWA's advice (on p 220) for dealing with such impediments is "[m]ake sure your client disables these." Despite the author's focus on application security, he still notes (on p 425) "edge-level protective steps are interesting because they can provide the same level of protection to multiple Web applications simultaneously... [t]his is important because many times you will be faced with a Web application that needs remediation, but the stakeholders will not allow anyone to touch it at the core." Exactly!

PPTFWA's strengths lie in the depth it covers certain subjects. For example, its discussions of Web Services are very strong, easily better than HE:WA2E. PPTFWA introduces a wider variety of tools than HE:WA2E, many of which were totally new to me. Even tools without a strict security use (e.g., Twill) are shown to have powerful assessment features. (I liked the hints on p0f in Ch 3, and I use p0f with Sguil.) I like the examples of real cross-site scripting attacks in Ch 4 and the case studies in several parts of the book.

PPTFWA deserves credit for two other features. First, the book covers report writing, especially identification and removal of false positives. This is critical yet not often mentioned elsewhere. Second, the book links to a VMware image built by the author containing vulnerable Web app software. This is exceptional and much appreciated.

I couldn't give PPTFWA five stars for two reasons. First, I didn't think the book was as well-organized as HE:WA2E. One of the other reviews mentions this fact. Signs of weak structure include repeating or rephrasing material, or wondering why a chapter is placed (e.g., Ch 5?).

Second, I found conceptual problems with PPTFWA that are unfortunately not limited to this book; i.e., they often appear in Web app security community discussions. On p 5 the author writes "truly thorough defensive postures can always beat out the offense in these scenarios because there will just be an easier target elsewhere." I disagree, especially when targeted attacks or insiders are at work. Speaking of insiders, on p 11 we read that FBI and CSI reports say "a majority of attacks [come] from inside." This isn't true either, and hasn't been for many years (if it were ever true at all).

I found the author's use of the terms threat and vulnerability to be all over the map. For example, p 191 says "Threats that are identified as unresolved become vulnerabilities. Vulnerability is also present when a threat exists and the steps to mediate it have not been implemented." This is just wrong; vulnerabilities exist despite the presence or absence of threats. Risk exists when a vulnerability is present, a threat has the capabilities and intentions to exploit it, and an asset has value. Furthermore, much of the "threat" talk in PPTFWA is built on the flawed characterizations of mostly attacks and vulnerabilities found in WASC and OWASP documents. It would have been great for PPTFWA to build on these technically exceptional but terminologically challenged guides by wrapping them with a sound risk, threat, vulnerability, asset, and attack framework.

Aside from these issues (which bother me but can be ignored in favor of technical material) I really liked PPTFWA. I think the book is an example of the sort of higher-end book we should expect to see from good security authors in the future. There is much more to digital security than Web applications, although you might not feel that way when reading PPTFWA. Nevertheless, I consider PPTFWA a must-read after HE:WA2E.
 
3 of 3 people found the following review helpful:
5.0 out of 5 stars Excellent Book for Security Staff handles Day-to-Day security intrusions, May 22, 2007
By Edgard Padilla (Towson, MD United States)
For the last 9 years I have been working daily in security tasks (no managerial position!) in multiple areas: IDS, firewalls, switches, and I have been exposed to multiple flavors of security products, from open source to Windows. Working with the products! In our arena we need security book references that will help us improve our analytical skills and let us know what is out there. The field is very dynamic and nobody holds the torch of "guru" in this arena (even though many claim it!). Very, very few books excel in quality of delivery and comprehension, and understand our day-to-day security jobs. This book is one of the few books I recommend for your average security guy that needs help to understand what is behind the scenes in the web network traffic. Go ahead and buy this book. It's worth it.

Most Recent Customer Reviews

4.0 out of 5 stars Entertaining and educational
Just a quick note about this book; the book was entertaining enough to keep you interested and contained a lot of useful and practical information.
Published on May 8, 2007 by Joshua Newnham

5.0 out of 5 stars Smokin Hot Book!
Awesome book on Pen Testing!! I believe this is right up there with Richard Bejtlich's books. Great examples and very 3D.
Published on March 26, 2007 by Jimmy Ray Purser

5.0 out of 5 stars A "Must Have" for your technical library!
First things first, this book is not intended for newbies... That being said, this is by far the most comprehensive guide to application security that exists today.
Published on August 8, 2006 by M. Delabar
