Security Testing Web Applications

Dr. Mike Andrews, Florida Institute of Technology

The fast-paced development cycles of Web applications often leave little room for testing. Thanks to the instant service pack phenomenon, we can update a Web application every day, so it's OK if things aren't perfect, right? That may be the case for functional bugs, but not for security bugs. All an attacker needs is a very small window of opportunity to do damage. James Whittaker shows you how to identify these threats and demonstrates examples of attacks that exploit them. From "SQL injection" to "cross-site scripting," and many more, you’ll leave with the knowledge of how a hacker views your online business and, as a tester, what you can do about it.

