Hunting Security Bugs
Hunting Security Bugs
ISBN: 073562187X
EAN: 2147483647
EAN: 2147483647
Year: 2004
Pages: 156
Pages: 156
- Hunting Security Bugs
- Back Cover
- About
- Foreword
- Introduction
- Who is This Book for?
- Organization of This Book
- System Requirements
- Technology Updates
- Code Samples and Companion Content
- Support for This Book
- Acknowledgments
- Chapter 1: General Approach to Security Testing
- Different Types of Security Testers
- An Approach to Security Testing
- Summary
- Chapter 2: Using Threat Models for Security Testing
- How Testers can Leverage a Threat Model
- Data Flow Diagrams
- Enumeration of Entry Points and Exit Points
- Enumeration of Threats
- How Testers Should Use a Completed Threat Model
- Implementation Rarely Matches the Specification or Threat Model
- Summary
- Chapter 3: Finding Entry Points
- Finding and Ranking Entry Points
- Common Entry Points
- Summary
- Chapter 4: Becoming a Malicious Client
- Testing HTTP
- Testing Specific Network Requests Quickly
- Testing Tips
- Summary
- Chapter 5: Becoming a Malicious Server
- Understanding Common Ways Clients Receive Malicious Server Responses
- Does SSL Prevent Malicious Server Attacks?
- Manipulating Server Responses
- Examples of Malicious Response Bugs
- Myth: It Is Difficult for an Attacker to Create a Malicious Server
- Understanding Downgrade MITM Attacks
- Testing Tips
- Summary
- Chapter 6: Spoofing
- Finding Spoofing Issues
- General Spoofing
- User Interface Spoofing
- Testing Tips
- Summary
- Chapter 7: Information Disclosure
- Locating Common Areas of Information Disclosure
- Identifying Interesting Data
- Summary
- Chapter 8: Buffer Overflows and Stack and Heap Manipulation
- Understanding How Overflows Work
- Testing for Overruns: Where to Look for Cases
- Black Box (Functional) Testing
- White Box Testing
- Additional Topics
- Testing Tips
- Summary
- Chapter 9: Format String Attacks
- Understanding Why Format Strings Are a Problem
- Testing for Format String Vulnerabilities
- Walkthrough: Seeing a Format String Attack in Action
- Testing Tips
- Summary
- Chapter 10: HTML Scripting Attacks
- Understanding Persistent XSS Attacks Against Servers
- Identifying Attackable Data for Reflected and Persistent XSS Attacks
- Common Ways Programmers Try to Stop Attacks
- Understanding Reflected XSS Attacks Against Local Files
- Understanding Script Injection Attacks in the My Computer Zone
- Ways Programmers Try to Prevent HTML Scripting Attacks
- Understanding How Internet Explorer Mitigates XSS Attacks Against Local Files
- Identifying HTML Scripting Vulnerabilities
- Finding HTML Scripting Bugs Through Code Review
- Summary
- Chapter 11: XML Issues
- Testing XML-Specific Attacks
- Simple Object Access Protocol
- Testing Tips
- Summary
- Chapter 12: Canonicalization Issues
- Finding Canonicalization Issues
- File-Based Canonicalization Issues
- Web-Based Canonicalization Issues
- Testing Tips
- Summary
- Chapter 13: Finding Weak Permissions
- Finding Permissions Problems
- Understanding the Windows Access Control Mechanism
- Finding and Analyzing Permissions on Objects
- Recognizing Common Permissions Problems
- Determining the Accessibility of Objects
- Other Permissions Considerations
- Summary
- Chapter 14: Denial of Service Attacks
- Testing Tips
- Summary
- Chapter 15: Managed Code Issues
- Dispelling Common Myths About Using Managed Code
- Understanding the Basics of Code Access Security
- Finding Problems Using Code Reviews
- Understanding the Issues of Using APTCA
- Decompiling .NET Assemblies
- Testing Tips
- Summary
- Chapter 16: SQL Injection
- Exactly What Is SQL Injection?
- Understanding the Importance of SQL Injection
- Finding SQL Injection Issues
- Avoiding Common Mistakes About SQL Injection
- Understanding Repurposing of SQL Stored Procedures
- Recognizing Similar Injection Attacks
- Testing Tips
- Summary
- Chapter 17: Observation and Reverse Engineering
- Using a Debugger to Trace Program Execution and Change its Behavior
- Using a Decompiler or Disassembler to Reverse Engineer a Program
- Analyzing Security Updates
- Testing Tips
- Legal Considerations
- Summary
- Chapter 18: ActiveX Repurposing Attacks
- Understanding ActiveX Controls
- ActiveX Control Testing Walkthrough
- Testing Tips
- Summary
- Chapter 19: Additional Repurposing Attacks
- Web Pages Requesting External Data
- Understanding Repurposing of Window and Thread Messages
- Summary
- Chapter 20: Reporting Security Bugs
- Contacting the Vendor
- What to Expect After Contacting the Vendor
- Public Disclosure
- Addressing Security Bugs in Your Product
- Summary
- Appendix A: Tools of the Trade
- Appendix B: Security Test Cases Cheat Sheet
- Spoofing
- Information Disclosures
- Buffer Overflows
- Format Strings
- Cross-Site Scripting and Script Injection
- XML
- SOAP
- Canonicalization Issues
- Weak Permissions
- Denial of Service
- Managed Code
- SQL Injection
- ActiveX
- List of Figures
- List of Tables
Hunting Security Bugs
ISBN: 073562187X
EAN: 2147483647
EAN: 2147483647
Year: 2004
Pages: 156
Pages: 156
- PE-CE Routing Protocol-OSPF and EIGRP
- OSPF PE-CE Routing Protocol Overview, Configuration and Verification
- Option 1: Inter-Provider VPN Using Back-to-Back VRF Method
- Case Study 3: Implementing Layer 2 VPNs over Inter-AS Topologies Using Layer 2 VPN Pseudo-Wire Switching
- Case Study 8: Implementing Hub and Spoke Topologies with EIGRP