Penetration Testing mailing list archives

Re: WebServices Testing


From: "mailing lists" <bofn () irq org>
Date: Sun, 08 Oct 2006 12:30:10 +0200

On Sat, 7 Oct 2006 08:50:11 -0700 (PDT)
Shahin Ansari <zohal52 () yahoo com> wrote:

Hi
  Where would you say one can learn more about this profession ethically?  How and what
tools should they use?  Also do you know where I can get GCIH?  I know you do not
approve, but I am new.
  Sean

i've read the first chapters of some of the sold as Best certification course books, and
found too many mistakes, false assumptions and bad logic in them.
they look like 'cut, alter & paste' work from the Orange Book from the mid 80's, or a
stack of random articles.

my advice would be, first learn how things work, before you read books and articles on
how to 'break' them.

if you don't know how the HTTP protocol works with all its funky commands and options,
then you can only repeat the few tricks, and will not see a lot of the site specific
issues.
automated tests are a nice tool to speed up things, but no replacement for eyes, brain
and keyboard.

Cheers
*Anna


-- 
"The power of accurate observation is frequently called cynicism by those who don't have
it."
