Security Basics mailing list archives
Re: Question about a book
From: Bipin Upadhyay <muxical.geek () gmail com>
Date: Sat, 05 Jan 2008 13:49:28 +0530
Brent Huston wrote:
I would skip the book if you are going to do risk assessment instead of application assessments... A better guide would likely be the high level OWASP stuff at http://www.owasp.org.
Agreed. More specifically, you could get the "OWASP Testing Guide".Additonaly, you could have look at "Professional Pen Testing for Web Applications" - Andres Andreu.
[SNIPPED] HTH, Bipin "Om" Upadhyay, http://projectbee.org
Current thread:
- Question about a book Worrell, Brian (Jan 04)
- Re: Question about a book Brent Huston (Jan 04)
- Re: Question about a book Bipin Upadhyay (Jan 07)
- <Possible follow-ups>
- Re: Question about a book Sheldon Malm (Jan 04)
- Re: Question about a book Brent Huston (Jan 04)