Security Basics mailing list archives

Re: Penetration testing books


From: Jon Kibler <Jon.Kibler () aset com>
Date: Wed, 24 Dec 2008 04:29:50 -0500


Vin Oxious wrote:
> Dear Friends,
>
> Greetings!! Can someone please provide a list of books containing the
> methodology to test vulnerabilities for both network and web-based
> vulnerabilities (session replay, session fixation) etc.
>
> Thanks in advance


Are you looking to test web apps, or the network and all systems/apps on
the network? Two entirely different things w/ two entirely different
answers. For web apps, I recommend:

The Web Application Hacker's Handbook previously mentioned is great.
Also, the OWASP Guide is also a must.

I also recommend:
XSS Attacks: Cross Site Scripting Exploits and Defense by Seth Fogie,
Jeremiah Grossman, Robert Hansen, and Anton Rager.


If you really want detail on pen testing books, post this question to
the pen testing mailing list.


Jon K
--
Jon R. Kibler
Chief Technical Officer
Advanced Systems Engineering Technology, Inc.
Charleston, SC  USA
o: 843-849-8214
c: 843-224-2494
s: 843-564-4224
http://www.linkedin.com/in/jonrkibler

My PGP Fingerprint is:
BAA2 1F2C 5543 5D25 4636 A392 515C 5045 CF39 4253

