Security Basics mailing list archives
Re: Penetration testing books
From: Jon Kibler <Jon.Kibler () aset com>
Date: Wed, 24 Dec 2008 04:29:50 -0500
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Vin Oxious wrote:
Dear Friends, Greetings !! .. Can someone please provide a list of books containing the methodology to test vulnerabilities for both network and web based vulnerabilities ( session replay , session fixation ) etc. thanks in advance
Are you looking to test web apps, or the network and all systems/apps on the network? Two entirely different things w/ two entirely different answers. For web apps, I recommend: The Web Application Hacker's Handbook previously mentioned is great. Also, the OWASP Guide is also a must. I also recommend: XSS Attacks: Cross Site Scripting Exploits and Defense by Seth Fogie, Jeremiah Grossman, Robert Hansen, and Anton Rager. If you really want detail on pen testing books, post this question to the pen testing mailing list. Jon K - -- Jon R. Kibler Chief Technical Officer Advanced Systems Engineering Technology, Inc. Charleston, SC USA o: 843-849-8214 c: 843-224-2494 s: 843-564-4224 http://www.linkedin.com/in/jonrkibler My PGP Fingerprint is: BAA2 1F2C 5543 5D25 4636 A392 515C 5045 CF39 4253 -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.8 (Darwin) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iEYEARECAAYFAklSAQ4ACgkQUVxQRc85QlO6RgCdEg3yiyyk+YECnShMB8nhU+le bjAAoIC7fmsd6ssBhOsDOZpWwaWc1XDg =w2Ps -----END PGP SIGNATURE----- ================================================== Filtered by: TRUSTEM.COM's Email Filtering Service http://www.trustem.com/ No Spam. No Viruses. Just Good Clean Email.
Current thread:
- Penetration testing books Vin Oxious (Dec 23)
- Re: Penetration testing books ArcSighter Elite (Dec 23)
- Re: Penetration testing books Nathan Sportsman (Dec 23)
- RE: Penetration testing books Palacios Ruiz, Pablo (Dec 23)
- Re: Penetration testing books Robert Larsen (Dec 23)
- Re: Penetration testing books Jon Kibler (Dec 26)
- Re: Penetration testing books p3dRø (Dec 23)
- RE: Penetration testing books Craig Wright (Dec 30)
- Re: Penetration testing books Taras P. Ivashchenko (Dec 23)
- Re: Penetration testing books Jon Kibler (Dec 24)
- Re: Penetration testing books Vedantam sekhar (Dec 30)
- Re: Penetration testing books gmail (Dec 30)
- Vuln Scan vs. Pen Test -- WAS: Re: Penetration testing books Jon Kibler (Dec 31)
- Re: Vuln Scan vs. Pen Test -- WAS: Re: Penetration testing books gmail (Dec 31)
- Re: Vuln Scan vs. Pen Test -- WAS: Re: Penetration testing books Adriel Desautels (Dec 31)
- Re: Penetration testing books gmail (Dec 30)
- Re: Penetration testing books ArcSighter Elite (Dec 23)
- <Possible follow-ups>
- Re: Penetration testing books paavan . shah (Dec 23)
- Re: Penetration testing books krymson (Dec 23)
- Re: Penetration testing books aloha (Dec 23)