February 2006
Intermediate to advanced
240 pages
5h 47m
English
book
How to Break Web Software: Functional and Security Testing of Web Applications and Web Services
by James A. Whittaker, Mike Andrews
Content preview from How to Break Web Software: Functional and Security Testing of Web Applications and Web Services
Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
Start your free trial
CHAPTER 7. Attacking the Server
What’s In This Chapter?
This chapter follows the subject matter of the previous chapter, in which we detailed attacks against programs and applications on the Web server. In this chapter, we discuss direct attacks against the operating system and configuration of the Web server machine. The lesson is that it isn’t just about writing secure code, but also about ensuring that the environment in which the code runs is as secure as possible.
Introduction
Web applications reside on a server machine, and their contents are “served” to some client application—most often a browser. When information is sent back to the ...